g-plans.com Open in urlscan Pro
34.68.56.245 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://g-plans.com/pages/medication/?affid=4992
Submission: On September 21 via api (September 21st 2023, 3:18:41 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 28 domains to perform 107 HTTP transactions. The main IP is 34.68.56.245, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is g-plans.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 11th 2023. Valid for: a year.

This is the only time g-plans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	34.68.56.245 34.68.56.245	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2a00:1450:400... 2a00:1450:4001:81c::201b	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 7	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.169.40 52.222.169.40	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
16	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:780... 2a02:26f0:780::210:a469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.239.69.78 18.239.69.78	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	2600:9000:209... 2600:9000:2090:a400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::6812:2412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.224.212.221 103.224.212.221	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:b5b7:17e9:da3f:f876	14618 (AMAZON-AES) (AMAZON-AES)
1	3.222.49.156 3.222.49.156	14618 (AMAZON-AES) (AMAZON-AES)
2	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
107	35

30 34.68.56.245 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.56.68.34.bc.googleusercontent.com

g-plans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:7eaf (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-40.cdg52.r.cloudfront.net

polaris.truevaultcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.69.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-78.ams58.r.cloudfront.net

location.truevaultcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1122 (United States)

ASN13335 (CLOUDFLARENET, US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:a400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2412 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.212.221 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-221.above.com

formcred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

usemoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:b5b7:17e9:da3f:f876 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.49.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-49-156.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	g-plans.com g-plans.com	2 MB
18	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3436 ka-p.fontawesome.com — Cisco Umbrella Rank: 6228	350 KB
12	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 785	2 MB
7	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 1425	117 KB
4	usemoon.com usemoon.com	912 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	359 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	2 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4242 rp.liadm.com — Cisco Umbrella Rank: 2359 rp4.liadm.com — Cisco Umbrella Rank: 5359	16 KB
3	truevaultcdn.com polaris.truevaultcdn.com — Cisco Umbrella Rank: 64222 location.truevaultcdn.com — Cisco Umbrella Rank: 65477	73 KB
2	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6135	461 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1943	880 B
2	google.de www.google.de — Cisco Umbrella Rank: 3974	562 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	697 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2460 insight.adsrvr.org — Cisco Umbrella Rank: 964	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 814	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	legitscript.com static.legitscript.com — Cisco Umbrella Rank: 47986	15 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1059 p.typekit.net — Cisco Umbrella Rank: 1428	1 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	394 B
1	t.co t.co — Cisco Umbrella Rank: 707	377 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 2076	637 B
1	formcred.com formcred.com
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 15345	253 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 12305	190 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1759	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 3861
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1780	50 KB
107	28

	Domain	Requested by
30	g-plans.com	g-plans.com
16	ka-p.fontawesome.com	kit.fontawesome.com g-plans.com
12	storage.googleapis.com	g-plans.com
7	unpkg.com	4 redirects g-plans.com
4	usemoon.com	g-plans.com
4	www.googletagmanager.com	g-plans.com www.googletagmanager.com
2	pro.ip-api.com	g-plans.com
2	sp.analytics.yahoo.com	g-plans.com
2	www.google.de	g-plans.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	g-plans.com s.yimg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.legitscript.com	g-plans.com
2	location.truevaultcdn.com	polaris.truevaultcdn.com
2	kit.fontawesome.com	g-plans.com kit.fontawesome.com
1	insight.adsrvr.org	js.adsrvr.org
1	rp4.liadm.com	g-plans.com
1	rp.liadm.com	1 redirects
1	www.google.com	g-plans.com
1	analytics.twitter.com	g-plans.com
1	t.co	g-plans.com
1	alb.reddit.com	g-plans.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	formcred.com	g-plans.com
1	action.media6degrees.com	g-plans.com
1	action.dstillery.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.redditstatic.com	g-plans.com
1	static.ads-twitter.com	g-plans.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	polaris.truevaultcdn.com	g-plans.com
1	use.typekit.net	g-plans.com
107	36

This site contains links to these domains. Also see Links.

Domain
privacy.g-plans.com
www.ncbi.nlm.nih.gov

Subject Issuer	Validity	Valid
*.g-plans.com AlphaSSL CA - SHA256 - G4	`2023-09-11` - `2024-10-12`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
polaris.truevaultcdn.com Amazon RSA 2048 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
location.truevaultcdn.com Amazon RSA 2048 M02	`2023-05-23` - `2024-06-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-15` - `2024-05-14`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
hirufmad-api.com R3	`2023-08-28` - `2023-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
usemoon.com GTS CA 1P5	`2023-07-25` - `2023-10-23`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://g-plans.com/pages/medication/?affid=4992
Frame ID: 5700D8F64D8FB0C6B987BF99CBEEDF6A
Requests: 108 HTTP requests in this frame

Frame: https://static.legitscript.com/seals/13219044.js
Frame ID: D5E9A96029B0DA792F58BB03D256EFDD
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&upid=2eko8m2&upv=1.1.0
Frame ID: 626971EE78213E6A30771B31AF048169
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

G-Plans | Weight Loss Medication, Telehealth Dieticians and Personalized Diet Plans ProjectArrow pointing to the leftArrow pointing to the right

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

107
Requests

94 %
HTTPS

60 %
IPv6

28
Domains

36
Subdomains

35
IPs

6
Countries

4235 kB
Transfer

9233 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://privacy.g-plans.com/privacy-policy?affid=4992
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.g-plans.com/privacy-policy?affid=4992#california-privacy-notice
Title: | California Privacy Notice |

Search URL Search Domain Scan URL

URL: https://privacy.g-plans.com/opt-out?affid=4992
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9486455/?affid=4992
Title: See details.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/vue@3/dist/vue.global.js HTTP 302
https://unpkg.com/vue@3.3.4/dist/vue.global.js

Request Chain 5

https://unpkg.com/vue3-carousel@latest HTTP 302
https://unpkg.com/vue3-carousel@0.3.1 HTTP 302
https://unpkg.com/vue3-carousel@0.3.1/dist/carousel.js

Request Chain 6

https://unpkg.com/vue3-carousel@latest/dist/carousel.css HTTP 302
https://unpkg.com/vue3-carousel@0.3.1/dist/carousel.css

Request Chain 73

https://action.dstillery.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43

Request Chain 106

https://rp.liadm.com/j?dtstmp=1695309511142&aid=a-00om&se=e30&duid=4683703cbddb--01haw54ebayknjy7wye005gth6&tna=v2.7.11&pu=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBXZWlnaHQgTG9zcyBNZWRpY2F0aW9uLCBUZWxlaGVhbHRoIERpZXRpY2lhbnMgYW5kIFBlcnNvbmFsaXplZCBEaWV0IFBsYW5zIFByb2plY3Q8L3RpdGxlPjxtZXRhIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9InVuZGVmaW5lZCI-PGgxPldlaWdodCBsb3NzIDx1Pm1hZGUgZWFzeTwvdT4gPGk-d2l0aCBhIHByZXNjcmlwdGlvbjwvaT4gdG8gc2VtYWdsdXRpZGU8L2gxPjx0aXRsZT5BcnJvdyBwb2ludGluZyB0byB0aGUgbGVmdDwvdGl0bGU-PHRpdGxlPkFycm93IHBvaW50aW5nIHRvIHRoZSByaWdodDwvdGl0bGU- HTTP 302
https://rp4.liadm.com/j?dtstmp=1695309511142&aid=a-00om&se=e30&duid=4683703cbddb--01haw54ebayknjy7wye005gth6&tna=v2.7.11&pu=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBXZWlnaHQgTG9zcyBNZWRpY2F0aW9uLCBUZWxlaGVhbHRoIERpZXRpY2lhbnMgYW5kIFBlcnNvbmFsaXplZCBEaWV0IFBsYW5zIFByb2plY3Q8L3RpdGxlPjxtZXRhIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9InVuZGVmaW5lZCI-PGgxPldlaWdodCBsb3NzIDx1Pm1hZGUgZWFzeTwvdT4gPGk-d2l0aCBhIHByZXNjcmlwdGlvbjwvaT4gdG8gc2VtYWdsdXRpZGU8L2gxPjx0aXRsZT5BcnJvdyBwb2ludGluZyB0byB0aGUgbGVmdDwvdGl0bGU-PHRpdGxlPkFycm93IHBvaW50aW5nIHRvIHRoZSByaWdodDwvdGl0bGU-&i6=MmEwMTo0YTA6NWE6OjEx&n3pc=true

107 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
g-plans.com/pages/medication/ 31 KB
9 KB 1744ms
117ms Document
text/html 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: ff8130734b94499236fbc87d715bd63ca079cba0a7f81e5a586fb6bdde2f0deb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Sep 2023 15:18:29 GMT
etag: W/"6509685d-7a75"
last-modified: Tue, 19 Sep 2023 09:22:37 GMT

GET
H2 200 helper2.css
storage.googleapis.com/gplans-static/media/tips/messages/images/ 210 KB
211 KB 136ms
12ms Stylesheet
text/css 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-static/media/tips/messages/images/helper2.css
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aabd7b76710107bbc1ef4f2d22cffae6b18c5c6fabd017b2596f161d98443e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:04:00 GMT
age: 869
x-guploader-uploadid: ADPycdtNcGQ3G_XcNSYIw9o5PizaXd3sqgi3CirgKvtrRQZ709F6TA8CZ6UZ_IN36lOx5MQk4ng
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215050
last-modified: Mon, 19 Apr 2021 07:21:59 GMT
server: UploadServer
etag: "dba8674a0c0957c555b50421cc0481c2"
x-goog-generation: 1618816919653456
x-goog-hash: crc32c=rkCyxA==, md5=26hnSgwJV8VVtQQhzASBwg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 215050
accept-ranges: bytes
content-type: text/css
expires: Thu, 21 Sep 2023 16:04:00 GMT

GET
H2 200 style.css
g-plans.com/pages/static/styles/medication/ 26 KB
6 KB 119ms
118ms Stylesheet
text/css 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/static/styles/medication/style.css
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: bce8444ba7b7dfb303a0ccbd80294f73011e0ab01a3791305422045c78093723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
etag: W/"6509685d-68d5"
content-type: text/css

GET
H2 200 cfc27a568d.js Show response
kit.fontawesome.com/ 11 KB
5 KB 216ms
153ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/cfc27a568d.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341e98f54770f96e6e22dddba84d617350e9f04db72f9daec6569ec42c756a6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 80a347f2cb779130-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F4a2Y-QLzh0qSZwlWLVC

GET
H2 200 mcr8mzd.css
use.typekit.net/ 5 KB
1 KB 52ms
24ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mcr8mzd.css

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bd0311142ca773d44709ca3ecbbfbc66a243341bdcc5dd59249dca257ee2f921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 21 Sep 2023 15:18:29 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 812

GET
H2

200

vue.global.js Show response
unpkg.com/vue@3.3.4/dist/
Redirect Chain

https://unpkg.com/vue@3/dist/vue.global.js
https://unpkg.com/vue@3.3.4/dist/vue.global.js

463 KB
108 KB

36ms
36ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.3.4/dist/vue.global.js

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21755031dfd12b4d329ff9923ababc9dca8e61432b1223338cd63dd072326a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10910656
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H0PZXKG8Y5NK6BRFDX7JWWKE-fra
server: cloudflare
etag: W/"73b2c-4okjvXBLweSylyJtGUFv0c1rdFc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80a347f2ac6c39d9-FRA

Redirect headers

date: Thu, 21 Sep 2023 15:18:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HAW50673QXV4KQHRES2WR5EM-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 138
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /vue@3.3.4/dist/vue.global.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 80a347f28c4739d9-FRA

GET
H2

200

carousel.js Show response
unpkg.com/vue3-carousel@0.3.1/dist/
Redirect Chain

https://unpkg.com/vue3-carousel@latest
https://unpkg.com/vue3-carousel@0.3.1
https://unpkg.com/vue3-carousel@0.3.1/dist/carousel.js

30 KB
7 KB

35ms
29ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue3-carousel@0.3.1/dist/carousel.js

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e86cc826f91a05a8db3ccc036a52384debb48ab5fe06c44cf26b6a930f949ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8437468
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H30PHA13EKJEJQ9164XBWSEG-fra
server: cloudflare
etag: W/"797d-VfxcJ20aOcSsnbvA2HGQpF9IiEQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80a347f32d6a39d9-FRA

Redirect headers

date: Thu, 21 Sep 2023 15:18:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HAT5JPR54AA2N5D0ZJ0Y2KSG-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 66640
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /vue3-carousel@0.3.1/dist/carousel.js
cache-control: public, max-age=31536000
cf-ray: 80a347f2bc8e39d9-FRA

GET
H2

200

carousel.css
unpkg.com/vue3-carousel@0.3.1/dist/
Redirect Chain

https://unpkg.com/vue3-carousel@latest/dist/carousel.css
https://unpkg.com/vue3-carousel@0.3.1/dist/carousel.css

3 KB
1001 B

52ms
52ms

Stylesheet
text/css

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue3-carousel@0.3.1/dist/carousel.css

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

563286f79ca01010cff7b958dd4edf786592833b4a0ed5c0f7146023d86cdddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 236716
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HAN3CD08CPVWG7Y9RDQ5RG03-fra
server: cloudflare
etag: W/"b9f-GZwgGZOwabdasd2p7+R7Vclmc2Q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80a347f2bc9339d9-FRA

Redirect headers

date: Thu, 21 Sep 2023 15:18:29 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
fly-request-id: 01HAW54CX8GY0RWEDAGFZ2E786-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /vue3-carousel@0.3.1/dist/carousel.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 80a347f28c4139d9-FRA

GET
H2 200 polaris.js Show response
polaris.truevaultcdn.com/static/ 262 KB
72 KB 148ms
25ms Script
text/javascript 52.222.169.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://polaris.truevaultcdn.com/static/polaris.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-40.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e48e7f37c661cb8f1280c5fa60e169052e169a81bd53ccca58b7d9c9b392bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: xN1_n_TKMOvd5Jp3P5wViUnPEJl_4DA9
content-encoding: gzip
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
date: Wed, 20 Sep 2023 22:30:27 GMT
last-modified: Fri, 15 Sep 2023 20:34:46 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 60489
x-amz-server-side-encryption: AES256
etag: W/"03e94fa366da227460add3f1d0364e12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DcdRJZI0BsqIeSdLbDvszNF1ZucFf8MFjM6DHt29ohYDJX9_E6tP6g==

GET
H2 200 futurhealth-logo-icon.svg
g-plans.com/pages/static/images/medication/ 3 KB
2 KB 122ms
121ms Image
image/svg+xml 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/futurhealth-logo-icon.svg
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 8f16e028a17488737f5a85c55b9759a1d5120b20968a554da2cdfbe6c27e99f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
etag: W/"6509685d-ce0"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 futurhealth-logo.svg
g-plans.com/pages/static/images/medication/ 13 KB
6 KB 120ms
117ms Image
image/svg+xml 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/futurhealth-logo.svg
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 3072ffb9156177e631107efaaaa6ff98ec3e47a33735298da77da8e35fefa24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
etag: W/"6509685d-32c6"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 sema-hero-image.png
g-plans.com/pages/static/images/medication/ 265 KB
266 KB 121ms
118ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-hero-image.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 13e90c938b20e2900c62bc448523c98fcd52b308fd5e47db090fd6676587e4fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-4250e"
content-length: 271630
content-type: image/png

GET
H2 200 sema-press-desktop.png
g-plans.com/pages/static/images/medication/ 20 KB
20 KB 119ms
117ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-press-desktop.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: afef0a4397d7412cda4bfbb55ce245837971e7673ccf8a03981e5d8aab69d837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-512a"
content-length: 20778
content-type: image/png

GET
H2 200 sema-press-mobile.png
g-plans.com/pages/static/images/medication/ 18 KB
18 KB 337ms
301ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-press-mobile.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: fd7111b4e5182358cd90d47b192332cb7b5ffcfbd06d55107f9fed006c0b86de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-489d"
content-length: 18589
content-type: image/png

GET
H2 200 sema-icon-scale.png
g-plans.com/pages/static/images/medication/ 946 B
1 KB 338ms
302ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-icon-scale.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 9120d4810650253e40f4038ae091263c729e94b7024ca8a75fdcb9a2b73175b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-3b2"
content-length: 946
content-type: image/png

GET
H2 200 sema-icon-trophy.png
g-plans.com/pages/static/images/medication/ 2 KB
2 KB 336ms
302ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-icon-trophy.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: f7fdbab0ae1e27ba48e1cfadf4e6586c955e861fcb1b370ea5d2b6e4597ab3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-606"
content-length: 1542
content-type: image/png

GET
H2 200 sema-icon-ring.png
g-plans.com/pages/static/images/medication/ 959 B
1 KB 335ms
302ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-icon-ring.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: fa72726221ca83d885772a09a99998103178a9b9bc38e36ccf6ff2c1256de659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-3bf"
content-length: 959
content-type: image/png

GET
H2 200 sema-icon-down.png
g-plans.com/pages/static/images/medication/ 834 B
968 B 383ms
352ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-icon-down.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: d6f515cdef5979110e48ce69af644f641881ae8307dcddd058c138fc3bede5e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-342"
content-length: 834
content-type: image/png

GET
H2 200 sema-steps-1.png
g-plans.com/pages/static/images/medication/ 6 KB
6 KB 391ms
360ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-steps-1.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: f161a6aecdb6c7aacde04e087dc13c062b8fc527134a8b91eadace4f9f05c002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-1617"
content-length: 5655
content-type: image/png

GET
H2 200 sema-steps-2.png
g-plans.com/pages/static/images/medication/ 10 KB
10 KB 442ms
412ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-steps-2.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 73faa895a3d9b63bed510c1f3b950e0a4971b490bad97b07b0b1329f99694f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-28a9"
content-length: 10409
content-type: image/png

GET
H2 200 sema-steps-3.png
g-plans.com/pages/static/images/medication/ 8 KB
8 KB 442ms
412ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-steps-3.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: bf6e6a2b4a0edb892e20359e75033e23f4c39f6907e3d2ec917702388bf598e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-1eb2"
content-length: 7858
content-type: image/png

GET
H2 200 sema-test-1.png
g-plans.com/pages/static/images/medication/ 212 KB
212 KB 446ms
418ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-test-1.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 0ae6c45ddc2ea2d042b6aca0a64816e7d4a30cc2181371e8074388e62d787bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-34f01"
content-length: 216833
content-type: image/png

GET
H2 200 sema-test-2.png
g-plans.com/pages/static/images/medication/ 197 KB
198 KB 440ms
413ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-test-2.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 329cc3335670624e2dac5459a39b68068a9a8f8fa2af3da968ad024909178df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-315c3"
content-length: 202179
content-type: image/png

GET
H2 200 sema-test-3.png
g-plans.com/pages/static/images/medication/ 194 KB
194 KB 552ms
541ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-test-3.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 86f4e1d0155fd3de6ac53fdc7171626a8fa54edd51270047a8a458ac459c01f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-306c4"
content-length: 198340
content-type: image/png

GET
H2 200 pen-ozempic.png
g-plans.com/pages/static/images/medication/ 8 KB
8 KB 489ms
478ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/pen-ozempic.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6610ca45f638ddddb73e0ded362a5aca3b7889f5ab3ce375d12f6a6723dfa231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-1fc9"
content-length: 8137
content-type: image/png

GET
H2 200 pen-mounjaro.png
g-plans.com/pages/static/images/medication/ 6 KB
6 KB 704ms
693ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/pen-mounjaro.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 62522546f9d00b4d2749e9521c5669f3f33f2c86147a23cd832580a7a97ccb2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-1965"
content-length: 6501
content-type: image/png

GET
H2 200 pen-wegovy.png
g-plans.com/pages/static/images/medication/ 8 KB
8 KB 488ms
478ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/pen-wegovy.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 338c62489915ad448e889a5c3d3186762fcb3d2298fe78aa206fd1a34bd5aaba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-1e55"
content-length: 7765
content-type: image/png

GET
H2 200 pen-fh-bottle.png
g-plans.com/pages/static/images/medication/ 8 KB
9 KB 705ms
694ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/pen-fh-bottle.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 1dd3eddef1eb04d20cc7fc93fa7646b452e6dd7e14fabbb6cb1a1a39c40780ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-21a0"
content-length: 8608
content-type: image/png

GET
H2 200 meal-plan.png
g-plans.com/pages/static/images/medication/ 145 KB
146 KB 488ms
478ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/meal-plan.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: eba6b8ad3168acc141b3a57c95dbdd1ef513a28afd38cf8fea3ee75b8f31cf7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-24597"
content-length: 148887
content-type: image/png

GET
H2 200 sema-combo.png
g-plans.com/pages/static/images/medication/ 16 KB
17 KB 704ms
695ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-combo.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 450a1bd6afb68a3f761c74a7c55168e12285cf388cebf0ab35a4447b52900bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-4158"
content-length: 16728
content-type: image/png

GET
H2 200 sema-icon-badge.png
g-plans.com/pages/static/images/medication/ 4 KB
4 KB 550ms
540ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/sema-icon-badge.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6fc0ebccf2d2796aff6f943219e1b8dda9b566780c6669516a3b175138db686e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-f42"
content-length: 3906
content-type: image/png

GET
H2 200 product-image.png
g-plans.com/pages/static/images/medication/ 253 KB
254 KB 720ms
711ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/pages/static/images/medication/product-image.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 0e03cfede07adff3b4cbbfc0a9be37620cec0fc213228dbc648cdaa489107e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-3f4ff"
content-length: 259327
content-type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
64 KB 53ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-72058812-1

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea6b928319c82a8c71b6e3701d78974043230cf9e6f9117c0be5e2de436ea8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64744
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 15:18:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
88 KB 67ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cea51d590bb6b8370d714f4888ba5ffc833284457b8cf8db99f819f8791aef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90371
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 15:18:30 GMT

GET
H2 200 pages.js Show response
g-plans.com/pages/static/scripts/ 5 KB
2 KB 698ms
690ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/static/scripts/pages.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 4330d40d3724d1de6e4cbfb370e8c1afae87bff296ea22695dcf3a7a6e065d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/pages/medication/?affid=4992
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
etag: W/"6509685d-1548"
content-type: application/javascript; charset=utf-8

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 653 KB
116 KB 69ms
33ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=cfc27a568d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cfc27a568d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:57 GMT
server: cloudflare
age: 66126
etag: "64c9580d-1cdb4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f55a014d6d-FRA
content-length: 118196

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 27 KB
4 KB 178ms
142ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v4-shims.min.css?token=cfc27a568d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cfc27a568d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c955b1da8fd9beae7ef0b45020e81d0140fbc070ffc85cdc7fe05ea7e652b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: "64c9580c-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f55a024d6d-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 54 KB
7 KB 68ms
32ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v5-font-face.min.css?token=cfc27a568d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cfc27a568d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
age: 66640
etag: "64c9580c-1c20"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f55a034d6d-FRA
content-length: 7200

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 7 KB
2 KB 487ms
452ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v4-font-face.min.css?token=cfc27a568d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cfc27a568d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0195cd81f03b3096ca0fee614152f1c21426db36ff2dc2dce9ba0e299f59564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: "64c9580c-6dc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f55a044d6d-FRA
content-length: 1756

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/cfc27a568d/1395458/ 0
385 B 66ms
31ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/cfc27a568d/1395458/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/cfc27a568d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:29 GMT
cf-cache-status: HIT
age: 78134
content-length: 0
x-request-id: F4ar9DayztZdSAAqsyWD
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 80a347f55ed39007-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 77ms
0ms Stylesheet
text/css 2a02:26f0:780::210:a469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=mcr8mzd&ht=tk&f=49469.49475.49476.51230.51231.51233&a=7070115&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mcr8mzd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 / Show response
location.truevaultcdn.com/ 28 B
389 B 116ms
19ms Fetch 18.239.69.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://location.truevaultcdn.com/
Requested by: Host: polaris.truevaultcdn.com
URL: https://polaris.truevaultcdn.com/static/polaris.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-78.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 03:53:54 GMT
via: 1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P4
age: 41076
vary: Cloudfront-Viewer-Country,Cloudfront-Viewer-Country-Region
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
access-control-allow-origin: *
x-country: DE
x-region
content-length: 28
x-amz-cf-id: ysBPDysee_bCx2c7mHUZkWmI3zYJfmKd1XDX-d_F1jYvGiI6YmgyMA==

GET
DATA 200
OK truncated
/ 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a6655ada1976b8afd726e8db21ac95a3a8bbed6c37ff346b080510b617801b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GreycliffCF-Medium.woff
g-plans.com/pages/static/fonts/ 33 KB
33 KB 309ms
302ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/static/fonts/GreycliffCF-Medium.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/static/styles/medication/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: bdaa47e6ca29b4c93db41ba7b604c44644187eb8c1feb8c8cb5c79b69b9b56e2

Request headers

Referer: https://g-plans.com/pages/static/styles/medication/style.css
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-843c"
content-length: 33852
content-type: font/woff

GET
H2 200 GreycliffCF-Bold.woff
g-plans.com/pages/static/fonts/ 37 KB
37 KB 360ms
352ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/static/fonts/GreycliffCF-Bold.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/static/styles/medication/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 1d48a6d593d7b48e16c2f70f8c72f8ac344042e294d30d5138c71e5bd9305a17

Request headers

Referer: https://g-plans.com/pages/static/styles/medication/style.css
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-9320"
content-length: 37664
content-type: font/woff

GET
H2 200 GreycliffCF-Regular.woff
g-plans.com/pages/static/fonts/ 36 KB
37 KB 312ms
304ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/static/fonts/GreycliffCF-Regular.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/static/styles/medication/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 4a01db98ae177a32788519ba5dc32b56c498c5fc3c38280f01c0814be7f52916

Request headers

Referer: https://g-plans.com/pages/static/styles/medication/style.css
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-91d8"
content-length: 37336
content-type: font/woff

GET
H2 200 charter_regular.woff2
g-plans.com/pages/static/fonts/ 21 KB
21 KB 367ms
360ms Font
font/woff2 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/pages/static/fonts/charter_regular.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/static/styles/medication/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 0806732094b19ea01d367745963b71ab014e83d4646d111f46bc32458c0eb95b

Request headers

Referer: https://g-plans.com/pages/static/styles/medication/style.css
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
last-modified: Tue, 19 Sep 2023 09:22:37 GMT
accept-ranges: bytes
etag: "6509685d-5384"
content-length: 21380
content-type: font/woff2

GET
H2 206 sema-vid-1.mp4
storage.googleapis.com/gplans-assets/video/ 1 MB
1 MB 160ms
143ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/sema-vid-1.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ea915e2de12d0b730311d15617fa86445f2fa8cfdb69d66bfae887a650c4b43

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycdswWem84I8I3xkbHR4Pjch5RNez4IDWCQ9FHXrOj1xGEXjOilYEuP4XOhSzcG_SOlSqe6w
x-goog-storage-class: STANDARD
Content-Range: bytes 0-1477926/1477927
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1477927
last-modified: Thu, 21 Sep 2023 13:15:31 GMT
server: UploadServer
etag: "99f4af1f2a5720bb9ffcc36bb7d2d450"
x-goog-generation: 1695302131707394
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=3bql2A==, md5=mfSvHypXILuf/MNrt9LUUA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1477927
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H2 206 GP%20-%20RX%20Anim%20v2.mp4
storage.googleapis.com/gplans-assets/mp4/ 47 KB
0 730ms
713ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/mp4/GP%20-%20RX%20Anim%20v2.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycdtQTWWTpZnRNPh-A20g2GoIvd_S5ssACMSCBK_9ySrAtoz9jm7URgrBzlwn3noEF-flSgA
x-goog-storage-class: STANDARD
Content-Range: bytes 0-22896168/22896169
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 22896169
last-modified: Thu, 21 Sep 2023 13:14:52 GMT
server: UploadServer
etag: "e2bb77c520ea7bd35ebcac352b684eed"
x-goog-generation: 1695302092152474
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=E01ziQ==, md5=4rt3xSDqe9NevKw1K2hO7Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 22896169
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H2 200 13219044.js Show response
static.legitscript.com/seals/ Frame D5E9 315 B
405 B 91ms
27ms Script
application/javascript 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.legitscript.com/seals/13219044.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db71f7566898814271badfe8098fd9a11fc3e71b55bf9def7fd5eabde11f56ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 13:02:50 GMT
server: cloudflare
age: 5263
etag: W/"650c3efa-13b"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 80a347f8288f920e-FRA

GET
H3 206 sema-vid-1.mp4
storage.googleapis.com/gplans-assets/video/ 15 KB
0 274ms
273ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/sema-vid-1.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycduFSD-yBH5-CZ4eaPGsNIA5b2TYUCpbjI3iltdoH3Zv_5y6LOos2san5g-QrI5ULOBVK98
x-goog-storage-class: STANDARD
Content-Range: bytes 0-1477926/1477927
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 1477927
last-modified: Thu, 21 Sep 2023 13:15:31 GMT
server: UploadServer
etag: "99f4af1f2a5720bb9ffcc36bb7d2d450"
x-goog-generation: 1695302131707394
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=3bql2A==, md5=mfSvHypXILuf/MNrt9LUUA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1477927
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20Testimonial%20Arian%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ 391 KB
0 294ms
294ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/GP%20-%20Testimonial%20Arian%20350x530.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycduu7zRmDRkUJ5TZceiRQxA5Siruk8Blu6i-R3d1eC2BdDVtXaIzhfyzlcGqabTgk2S448I
x-goog-storage-class: STANDARD
Content-Range: bytes 0-14493935/14493936
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 14493936
last-modified: Thu, 21 Sep 2023 13:15:31 GMT
server: UploadServer
etag: "3c2ae77d0b7a8bee8871822776e19e8e"
x-goog-generation: 1695302131150645
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=8mlZqw==, md5=PCrnfQt6i+6IcYInduGejg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 14493936
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20Testimonial%20Isabel%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ 397 KB
0 193ms
193ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/GP%20-%20Testimonial%20Isabel%20350x530.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycdth8JoPkFiMJ5yMqRW1X47vOCrPMLu3YB7eawreBAa-E_nRbIpPaR-w3l_a9uZY1njGONc
x-goog-storage-class: STANDARD
Content-Range: bytes 0-13450775/13450776
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 13450776
last-modified: Thu, 21 Sep 2023 13:15:32 GMT
server: UploadServer
etag: "04f4123bfa5bffe60d6cda8836133766"
x-goog-generation: 1695302132353315
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=thnODA==, md5=BPQSO/pb/+YNbNqINhM3Zg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 13450776
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20Testimonial%20Kara%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ 449 KB
0 283ms
283ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/GP%20-%20Testimonial%20Kara%20350x530.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycdtnMhQVGUyHb8SkoRA6l_Q3nyMfB-R-4k_ZKYH-VMc8KCHyo1o214rcNIMOFij7nBGH7Dg
x-goog-storage-class: STANDARD
Content-Range: bytes 0-20276443/20276444
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 20276444
last-modified: Thu, 21 Sep 2023 13:15:31 GMT
server: UploadServer
etag: "525aeeed79283365585577f8f3d19453"
x-goog-generation: 1695302131499563
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=RiRIxw==, md5=Ulru7XkoM2VYVXf489GUUw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 20276444
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20Testimonial%20Kerry%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ 429 KB
0 292ms
292ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/GP%20-%20Testimonial%20Kerry%20350x530.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycduZsRoLXgSjiADjjSDDVg2iE5tNyIFRs5eYmSYdvMWeYfEoDx04sxPvTd3Tu4-zx5Njaj4
x-goog-storage-class: STANDARD
Content-Range: bytes 0-12910340/12910341
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 12910341
last-modified: Thu, 21 Sep 2023 13:15:33 GMT
server: UploadServer
etag: "147015d387fd09d725907b712aa3d50b"
x-goog-generation: 1695302133371771
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=FaIDKg==, md5=FHAV04f9CdclkHtxKqPVCw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 12910341
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20Testimonial%20Laura%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ 428 KB
0 270ms
270ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/GP%20-%20Testimonial%20Laura%20350x530.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycdsAlEV9yut8B96LJT7Mf9xt782fgbTinBCDqWF9JLUDpLlgxOULDz_EXuHo6lQifpOyc3Q
x-goog-storage-class: STANDARD
Content-Range: bytes 0-11732959/11732960
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 11732960
last-modified: Thu, 21 Sep 2023 13:15:29 GMT
server: UploadServer
etag: "22881358e00676555f64820f936abd9d"
x-goog-generation: 1695302129841218
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=HYQHjA==, md5=IogTWOAGdlVfZIIPk2q9nQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 11732960
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20Testimonial%20Sarah%20350x530.mp4
storage.googleapis.com/gplans-assets/video/ 434 KB
0 291ms
290ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/video/GP%20-%20Testimonial%20Sarah%20350x530.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
x-guploader-uploadid: ADPycdubLRjNNSq1Z-rNYJaxRU509y0KZUya3gF4y9NyhKzM-_mEP2PywxgcOhT8FpCKKKUINPI
x-goog-storage-class: STANDARD
Content-Range: bytes 0-13164747/13164748
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 13164748
last-modified: Thu, 21 Sep 2023 13:15:30 GMT
server: UploadServer
etag: "21e6553ddd9ce8c285a33cef1de50f75"
x-goog-generation: 1695302130784750
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=gBY2CQ==, md5=IeZVPd2c6MKFozzvHeUPdQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 13164748
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:30 GMT

GET
H3 206 GP%20-%20RX%20Anim%20v2.mp4
storage.googleapis.com/gplans-assets/mp4/ 3 KB
0 4081ms
4080ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/mp4/GP%20-%20RX%20Anim%20v2.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Sep 2023 15:18:31 GMT
x-guploader-uploadid: ADPycdvWWY5dM7XPlBlqoxdJ6IIXL1Ihogk4nZzy843zNcEkzUV_HeL0juowtLlhPf0VCyktr_s
x-goog-storage-class: STANDARD
Content-Range: bytes 0-22896168/22896169
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 22896169
last-modified: Thu, 21 Sep 2023 13:14:52 GMT
server: UploadServer
etag: "e2bb77c520ea7bd35ebcac352b684eed"
x-goog-generation: 1695302092152474
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=E01ziQ==, md5=4rt3xSDqe9NevKw1K2hO7Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 22896169
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:31 GMT

GET
H2 200 / Show response
location.truevaultcdn.com/ 28 B
388 B 15ms
14ms Fetch 18.239.69.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://location.truevaultcdn.com/
Requested by: Host: polaris.truevaultcdn.com
URL: https://polaris.truevaultcdn.com/static/polaris.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-78.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 03:53:54 GMT
via: 1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P4
age: 41076
vary: Cloudfront-Viewer-Country,Cloudfront-Viewer-Country-Region
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
access-control-allow-origin: *
x-country: DE
x-region
content-length: 28
x-amz-cf-id: --7IVXRV5jni_0cZWLF0_qmd3PLu1U6__0jUs--vISQy0gwi8FCKbA==

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72058812-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5327
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 15:49:43 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 127 KB
50 KB 60ms
26ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-P6PGJXK

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e44fcd7f19449ecf2be783dc225a6fe82011aff7746772f487069b9065212b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50446
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 15:18:30 GMT

GET
H2 410 6036.js
script.crazyegg.com/pages/scripts/0020/ 0
0 110ms
28ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0020/6036.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Sep 2023 17:43:48 GMT
server: cloudflare
age: 77682
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 80a347f94943380a-FRA
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-774287094

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca5ab22006904a17f355d15cd1417883c8e95e0da74f26c0e32795324a546dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106039
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 15:18:30 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 69ms
4ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230044-FRA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 71ms
1ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 a-00om.min.js Show response
b-code.liadm.com/ 41 KB
14 KB 125ms
20ms Script
application/javascript 2600:9000:2090:a400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00om.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:a400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6559cf2340925720ade5eca6dc98364f5115c5cd889fa8800a3cba9dc862f044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:05:46 GMT
content-encoding: gzip
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 47564
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: ziLlODAsrl3Uhcz5ve4NFFHCrGn5vwQE4wTf8BTnQdgJVI9iHEWdPw==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 84ms
13ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:21 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MB39SNJR8TZ8B2YV
age: 10
x-amz-server-side-encryption: AES256
x-amz-id-2: RHzDQFr4u/E725DaPMNgSslZiTMKcy1GnCNVEIN52wICvPabw/0oTOYcO5ydsKjz7n6cm9OmQVQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 68ms
8ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 02:39:17 GMT
Content-Encoding: gzip
Via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 45554
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: NYV3IxEmeCvC0U5J3xjdKodx5QyK9vlYEzGDSGt5J9EBtzAt2UcZ7w==

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43

5 B
253 B

3409ms
3397ms

Script
text/html

2606:4700:4400::6812:2412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Server: 2606:4700:4400::6812:2412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 80a347fc0d65bbaa-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
access-control-allow-origin: *
date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80a347f949dbbbaa-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LL1EG3X32V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea9e6be9e91abb1a1901d26c4722f2b3fef05128613c6f53bbd197649ff4492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 15:18:30 GMT

GET
H/1.1 404
Not Found 1.js
formcred.com/js/ 0
0 3903ms
3510ms Script
text/html 103.224.212.221
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: https://formcred.com/js/1.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.212.221 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-212-221.above.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 13219044.png
static.legitscript.com/seals/ Frame D5E9 14 KB
14 KB 38ms
20ms Image
image/png 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/13219044.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f71ff5f7d40bddc186c9ebdc76f58f5e94d5e2ae7525a144abb90daac38b36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 13:02:50 GMT
server: cloudflare
age: 5262
etag: "650c3efa-38dd"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 80a347f939a5920e-FRA
content-length: 14557

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 14 KB
14 KB 36ms
33ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-0.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1d861f40e0b7a2773c61b30eaa39ba2af3d479aebd83dd7e03161de0e25298

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:35 GMT
server: cloudflare
age: 66126
etag: "64c95c2f-368c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f98f4b4d6d-FRA
content-length: 13964

GET
H2 200 pro-fa-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 11 KB
11 KB 141ms
139ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-0.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adef62602f3fefd4e6f1d58bef7ff97640f6a52b55cc379d67ee4a283f3ac0b6

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
etag: "64c95c33-2c74"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f98f4d4d6d-FRA
content-length: 11380

GET
H2 200 pro-fa-light-300-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 14 KB
14 KB 142ms
139ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-0.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56837cda447dd918a89b27bdc6ce4074193815c914297720515c1a80f35b29d9

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:33 GMT
server: cloudflare
etag: "64c95c2d-3934"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f98f4e4d6d-FRA
content-length: 14644

GET
H2 200 pro-fa-sharp-light-300-5.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 20 KB
20 KB 3801ms
3799ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-sharp-light-300-5.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 925146dba1bb27435ef79098b2483fe7c6a65ddfcf84ae5d2186d22238070887

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:31 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:36 GMT
server: cloudflare
etag: "64c95c30-4e40"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f98f4f4d6d-FRA
content-length: 20032

GET
H2 200 pro-fa-sharp-solid-900-0.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 9 KB
9 KB 177ms
175ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-sharp-solid-900-0.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5284341d5659d86092d9e603cfeaea5cf96c62206aaae4d9125ae984a174fb

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:38 GMT
server: cloudflare
etag: "64c95c32-2448"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f98f504d6d-FRA
content-length: 9288

GET
H2 200 pro-fa-light-300-11.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 29 KB
29 KB 3799ms
3799ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-11.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9011da166428afd8d9a28c05293e8f77f51f64ab811cdcd1b8a9a8dcc5d677

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:31 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:34 GMT
server: cloudflare
etag: "64c95c2e-74dc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f98f534d6d-FRA
content-length: 29916

GET
H2 200 pro-fa-light-300-15.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 20 KB
21 KB 32ms
22ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-15.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b74a6c2cac845992a0c5c76192d29983fae4c65acc8d2c7adff6f9855a5d4116

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:34 GMT
server: cloudflare
age: 66125
etag: "64c95c2e-51b8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f9af664d6d-FRA
content-length: 20920

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 17 KB
17 KB 3781ms
3780ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-17.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd20a5ae445a0c34086b9a504c099ecfe640c1dc0d9d97b5911e10df7ac46961

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:31 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
etag: "64c95c33-426c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f9af684d6d-FRA
content-length: 17004

GET
H2 200 pro-fa-light-300-16.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 21 KB
21 KB 170ms
149ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-16.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e3fe916f41d2caf59230912dc2810b18a04502b6f38a3e0207f0fa962d7e5b

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:34 GMT
server: cloudflare
etag: "64c95c2e-5370"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f9dfaa4d6d-FRA
content-length: 21360

GET
H2 200 pro-fa-light-300-6.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 22 KB
22 KB 3771ms
3749ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-6.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d40e831b14bf8b4140e0c69b164478f70b67e3693d9bf31ff52e6732e50be74

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:31 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:35 GMT
server: cloudflare
etag: "64c95c2f-5640"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f9dfab4d6d-FRA
content-length: 22080

GET
H2 200 pro-fa-light-300-12.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 14 KB
14 KB 275ms
254ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-12.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab4f8f4e7c95c27d8926c5472ac27a2b33923500ab49e173fe639eb930865f5

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:30 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:34 GMT
server: cloudflare
etag: "64c95c2e-3658"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f9dfad4d6d-FRA
content-length: 13912

GET
H2 200 pro-fa-light-300-21.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 25 KB
25 KB 3772ms
3751ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-light-300-21.woff2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320f1b370eecb7fcc7cf5bf086ae088eef92c5b7cacd771f2f07a10510288833

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:31 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:34 GMT
server: cloudflare
etag: "64c95c2e-6324"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 80a347f9dfb04d6d-FRA
content-length: 25380

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 36ms
0ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1582583694&t=pageview&_s=1&dl=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&ul=en-us&de=UTF-8&dt=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAACAAI~&jid=1233107428&gjid=1658672107&cid=2090703652.1695309511&tid=UA-72058812-1&_gid=1706297379.1695309511&_r=1&gtm=457e39i0&jsscut=1&z=1948904086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://g-plans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g-plans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774287094/ 3 KB
2 KB 185ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774287094/?random=1695309510805&cv=11&fst=1695309510805&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&hn=www.googleadservices.com&frm=0&tiba=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&us_privacy=1---&auid=1285448943.1695309511&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774287094

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ac2dee3b78e8157df96045a112dd658a5f37d0fd06e3fc79ef00d217d7e6d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
242 B 66ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LL1EG3X32V&gtm=45be39i0&_p=1582583694&_gaz=1&cid=2090703652.1695309511&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695309510&sct=1&seg=0&dl=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&dt=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774287094
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g-plans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 143ms
22ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LL1EG3X32V&cid=2090703652.1695309511&gtm=45be39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774287094
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g-plans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 92ms
48ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LL1EG3X32V&cid=2090703652.1695309511&gtm=45be39i0&aip=1&z=1034016232

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 106ms
21ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72058812-1&cid=2090703652.1695309511&jid=1233107428&gjid=1658672107&_gid=1706297379.1695309511&_u=YEBAAUAAQAAAACAAI~&z=87824477

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://g-plans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 15:18:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g-plans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 3655ms
187ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1695309510983&id=t2_3q6ydxe0&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=9c3eea6e-0206-4d39-9717-d60677969954&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:34 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ 43 B
377 B 3442ms
3416ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=73724639-b60c-40c9-8951-3f4aecfe56b8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1240010e-0c14-4587-aaac-d4ea09b87c21&tw_document_href=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o20xo&type=javascript&version=2.3.29

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 103
date: Thu, 21 Sep 2023 15:18:30 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 94623af97359a5b5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3c5b5d19d887a6d3371e6be6bfa4f44f1493925dc9a25705042ac9563b9fa72a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 3443ms
3396ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=73724639-b60c-40c9-8951-3f4aecfe56b8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1240010e-0c14-4587-aaac-d4ea09b87c21&tw_document_href=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o20xo&type=javascript&version=2.3.29

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 21 Sep 2023 15:18:30 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 149389564f7ceae9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f6cf5199c7ed77620541945195ae9642909ba21924c1cf8cad247a3bf6c7259f
content-length: 43

GET
H2 200 10140037.json Show response
s.yimg.com/wi/config/ 2 B
459 B 31ms
13ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10140037.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 7HEG64Q12JF825F6
age: 8
content-length: 2
x-amz-id-2: h6oor+DCVDC4DyUFGIk+rkYU2lbcKTqrMO94aYsbGI+p+k3Vz/nbT37MkgAXVGlluNCfxzNDYQaoMYMg7rQX3A==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

OPTIONS
H2 200 /
usemoon.com/api/v1/load-master-pixel/ Frame 0
0 3852ms
429ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usemoon.com/api/v1/load-master-pixel/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://g-plans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80a348115b9a1e5e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Sep 2023 15:18:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYT%2FPRgxNooUGpOy%2FNAu3twYWScBZ89S%2FhLc%2Bkbvt8Gy5D6%2FHakEUzif3AyYCFyQTyMXAbvIM8NrbuHwYa7YFf4g9H6%2FrJzGXFAcZQ1kKnTb4w4xV5oR3lGtordMtZmpTgLatcybjFfmTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 / Show response
usemoon.com/api/v1/load-master-pixel/ 45 B
397 B 157ms
156ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usemoon.com/api/v1/load-master-pixel/

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/static/scripts/pages.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a876e8b3fccd5a64fce0e8774a20dc85ba93d321c7b006aee535ca239852675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://g-plans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Sep 2023 15:18:35 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
vary: Accept, Origin
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6heOnEPSC6PSLuVVn%2F%2BZAsg%2F%2Ba8r%2Bhy5IKHdAg7y6EA0oPjN4a0CkYmCEsV2r%2FEM013nLUicx21b17AcvECtqVeGsik15lIKkg1Q%2F0SW5W26aq027RxEF4d4gG%2BSA%2Fzbrz2y1%2F642mKzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
allow: POST, OPTIONS
cf-ray: 80a34814087d1e5e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
247 B 3641ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2021%20Sep%202023%2015%3A18%3A31%20GMT&n=-2d&b=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&.yp=10140037&f=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&enc=UTF-8&us_privacy=1---&yv=1.15.1&tagmgr=gtm

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Sep 2023 15:18:34 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 3640ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&.yp=10140037&f=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&enc=UTF-8&us_privacy=1---&yv=1.15.1&tagmgr=gtm

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Sep 2023 15:18:34 GMT

GET
H3 206 GP%20-%20RX%20Anim%20v2.mp4
storage.googleapis.com/gplans-assets/mp4/ 266 KB
0 3565ms
3532ms Media
video/mp4 2a00:1450:4001:81c::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gplans-assets/mp4/GP%20-%20RX%20Anim%20v2.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Range: bytes=1507328-

Response headers

date: Thu, 21 Sep 2023 15:18:34 GMT
x-guploader-uploadid: ADPycdsGYD2Kwg6E9Qtgao5pP6lG2vxy0rZkMfveRcNpd_bYQdnoYoiqSQ9BBjfTIjJLKKbqTG8
x-goog-storage-class: STANDARD
Content-Range: bytes 1507328-22896168/22896169
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 21388841
last-modified: Thu, 21 Sep 2023 13:14:52 GMT
server: UploadServer
etag: "e2bb77c520ea7bd35ebcac352b684eed"
x-goog-generation: 1695302092152474
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=E01ziQ==, md5=4rt3xSDqe9NevKw1K2hO7Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 22896169
accept-ranges: bytes
expires: Thu, 21 Sep 2023 16:18:34 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/774287094/ 42 B
455 B 3633ms
20ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774287094/?random=1695309510805&cv=11&fst=1695308400000&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&frm=0&tiba=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2753884827&rmt_tld=0&ipr=y

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f196.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/774287094/ 42 B
154 B 3359ms
3341ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/774287094/?random=1695309510805&cv=11&fst=1695308400000&bg=ffffff&guid=ON&async=1&gtm=45be39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&frm=0&tiba=G-Plans%20%7C%20Weight%20Loss%20Medication%2C%20Telehealth%20Dieticians%20and%20Personalized%20Diet%20Plans%20Project&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2753884827&rmt_tld=1&ipr=y

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 15:18:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1695309511142&aid=a-00om&se=e30&duid=4683703cbddb--01haw54ebayknjy7wye005gth6&tna=v2.7.11&pu=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&us_privac...
https://rp4.liadm.com/j?dtstmp=1695309511142&aid=a-00om&se=e30&duid=4683703cbddb--01haw54ebayknjy7wye005gth6&tna=v2.7.11&pu=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&us_priva...

13 B
552 B

580ms
91ms

XHR
application/json

3.222.49.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1695309511142&aid=a-00om&se=e30&duid=4683703cbddb--01haw54ebayknjy7wye005gth6&tna=v2.7.11&pu=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBXZWlnaHQgTG9zcyBNZWRpY2F0aW9uLCBUZWxlaGVhbHRoIERpZXRpY2lhbnMgYW5kIFBlcnNvbmFsaXplZCBEaWV0IFBsYW5zIFByb2plY3Q8L3RpdGxlPjxtZXRhIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9InVuZGVmaW5lZCI-PGgxPldlaWdodCBsb3NzIDx1Pm1hZGUgZWFzeTwvdT4gPGk-d2l0aCBhIHByZXNjcmlwdGlvbjwvaT4gdG8gc2VtYWdsdXRpZGU8L2gxPjx0aXRsZT5BcnJvdyBwb2ludGluZyB0byB0aGUgbGVmdDwvdGl0bGU-PHRpdGxlPkFycm93IHBvaW50aW5nIHRvIHRoZSByaWdodDwvdGl0bGU-&i6=MmEwMTo0YTA6NWE6OjEx&n3pc=true

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/medication/?affid=4992

Protocol

Server

3.222.49.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-49-156.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 15:18:35 GMT
x-pixel-event-id: 5bbf76c5-d705-4565-91e0-e7c991a3f37d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 3af0f1679a75837b
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 21 Sep 2023 15:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1695309511142&aid=a-00om&se=e30&duid=4683703cbddb--01haw54ebayknjy7wye005gth6&tna=v2.7.11&pu=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBXZWlnaHQgTG9zcyBNZWRpY2F0aW9uLCBUZWxlaGVhbHRoIERpZXRpY2lhbnMgYW5kIFBlcnNvbmFsaXplZCBEaWV0IFBsYW5zIFByb2plY3Q8L3RpdGxlPjxtZXRhIGRhdGEtaGlkPSJkZXNjcmlwdGlvbiIgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9InVuZGVmaW5lZCI-PGgxPldlaWdodCBsb3NzIDx1Pm1hZGUgZWFzeTwvdT4gPGk-d2l0aCBhIHByZXNjcmlwdGlvbjwvaT4gdG8gc2VtYWdsdXRpZGU8L2gxPjx0aXRsZT5BcnJvdyBwb2ludGluZyB0byB0aGUgbGVmdDwvdGl0bGU-PHRpdGxlPkFycm93IHBvaW50aW5nIHRvIHRoZSByaWdodDwvdGl0bGU-&i6=MmEwMTo0YTA6NWE6OjEx&n3pc=true
access-control-allow-origin: https://g-plans.com
request-time: 0
access-control-allow-credentials: true
trace-id: 0fa19dd1c1d9f02c
content-length: 0
x-xss-protection: 1; mode=block

GET GP%20-%20RX%20Anim%20v2.mp4
storage.googleapis.com/gplans-assets/mp4/ 0
0

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 305 B
461 B 7ms
7ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=Y1pchPuXcKyoxNA
Requested by: Host: g-plans.com
URL: https://g-plans.com/pages/static/scripts/pages.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e719fdb4f3b5ea8de43912f0f77c8eeafb683ac814f90ae3163009c50a587bd1

Request headers

Accept: application/json
Referer: https://g-plans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 21 Sep 2023 15:18:35 GMT
Content-Length: 305
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 200
OK json
pro.ip-api.com/ Frame 0
0 46ms
8ms Preflight 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=Y1pchPuXcKyoxNA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://g-plans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 7200
Content-Length: 0
Date: Thu, 21 Sep 2023 15:18:35 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6269 0
182 B 104ms
32ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2Fpages%2Fmedication%2F%3Faffid%3D4992&upid=2eko8m2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g-plans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 21 Sep 2023 15:18:35 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H3 200 / Show response
usemoon.com/api/v1/track-event/ 57 B
515 B 177ms
177ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usemoon.com/api/v1/track-event/

Requested by

Host: g-plans.com
URL: https://g-plans.com/pages/static/scripts/pages.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccddc0d88ff7b2535cdf6bb759c7fd8c81edfb07971648b22db1da8741854a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://g-plans.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Sep 2023 15:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
vary: Accept, Origin
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQetOOarrD4FXqvjMyJeBuMuhjkC6fM98J8HV2pP9%2FeRGP%2BSEiF0FkfFUJqyFdzVwub0GzSTnzYY05Uve9u3oF6fLVw6XsG5QWuga7SGaEtj0dyEpSDlOzh8bVuSv83NEvC5N68LvNTyww%3D%3D"}],"group":"cf-nel","max_age":604800}
allow: OPTIONS, POST
cf-ray: 80a348179f0b3624-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 /
usemoon.com/api/v1/track-event/ Frame 0
0 361ms
360ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://usemoon.com/api/v1/track-event/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://g-plans.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80a348155ac53624-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 21 Sep 2023 15:18:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rpcanwFpFRwLfTA08%2F2I%2BKrxA1SKltCsIo%2FXrO5ku9Iz4nuHHFJpKKiBiRdG5a1zikpsIAkLtY9y6R9OlcIOD7kdRSNxqxezRf5AGS1AnFaWaAKCxyTfRQ3HA6FFoEwJXnp82ULXAA4lA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/gplans-assets/mp4/GP%20-%20RX%20Anim%20v2.mp4

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.g-plans.com/	1970-01-20 15:38:21	Name: us_privacy Value: 1---
.g-plans.com/	1970-01-20 17:04:45	Name: _gcl_au Value: 1.1.1285448943.1695309511
.g-plans.com/	1970-01-20 14:56:35	Name: _gid Value: GA1.2.1706297379.1695309511
.g-plans.com/	1970-01-20 14:55:09	Name: _gat_gtag_UA_72058812_1 Value: 1
.g-plans.com/	1970-01-21 00:31:09	Name: _ga_LL1EG3X32V Value: GS1.1.1695309510.1.0.1695309510.60.0.0
.g-plans.com/	1970-01-21 00:31:09	Name: _ga Value: GA1.1.2090703652.1695309511
.g-plans.com/	1970-01-20 17:04:45	Name: _rdt_uuid Value: 1695309510978.9c3eea6e-0206-4d39-9717-d60677969954
.g-plans.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .g-plans.com
.g-plans.com/	1970-01-21 00:31:09	Name: _lc2_fpi Value: 4683703cbddb--01haw54ebayknjy7wye005gth6
.doubleclick.net/	1970-01-20 14:55:10	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-21 00:31:09	Name: muc_ads Value: 6d24a7d7-4ac7-405d-9ecc-0a0b83972201
.twitter.com/	1970-01-21 00:31:09	Name: personalization_id Value: "v1_7cqTtHdPG3ner7zhBCwKVg=="
.yahoo.com/	1970-01-20 23:41:07	Name: A3 Value: d=AQABBMpeDGUCENQfIa5W33GxNBw6KNNIu4QFEgEBAQGwDWUWZeAYyiMA_eMAAA&S=AQAAArYsqDgFHC8Ob-uMjWRl4GI
.liadm.com/	1970-01-21 00:31:09	Name: lidid Value: d865c84f-c202-43e4-9973-2322bbdb6cbb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0020/6036.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://formcred.com/js/1.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.dstillery.com
action.media6degrees.com
alb.reddit.com
analytics.twitter.com
b-code.liadm.com
formcred.com
g-plans.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
ka-p.fontawesome.com
kit.fontawesome.com
location.truevaultcdn.com
p.typekit.net
polaris.truevaultcdn.com
pro.ip-api.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s.yimg.com
script.crazyegg.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.legitscript.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
unpkg.com
use.typekit.net
usemoon.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.redditstatic.com
storage.googleapis.com
103.224.212.221
104.244.42.197
104.244.42.3
108.138.15.119
146.75.116.157
15.197.193.217
151.101.193.140
172.217.16.196
18.239.69.78
2001:4860:4802:32::36
212.82.100.181
2600:1f18:730:b130:b5b7:17e9:da3f:f876
2600:9000:2090:a400:8:8845:1500:93a1
2606:4700:4400::6812:2412
2606:4700::6810:7eaf
2606:4700::6812:1122
2606:4700::6812:1634
2606:4700::6812:1734
2606:4700::6813:9308
2a00:1288:80:807::1
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::201b
2a00:1450:4001:829::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0a::9b
2a02:26f0:3500:16::215:1495
2a02:26f0:780::210:a469
2a04:4e42:200::396
2a06:98c1:3121::3
3.222.49.156
34.68.56.245
51.77.64.70
52.222.169.40
0806732094b19ea01d367745963b71ab014e83d4646d111f46bc32458c0eb95b
0ae6c45ddc2ea2d042b6aca0a64816e7d4a30cc2181371e8074388e62d787bad
0e03cfede07adff3b4cbbfc0a9be37620cec0fc213228dbc648cdaa489107e2e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
13e90c938b20e2900c62bc448523c98fcd52b308fd5e47db090fd6676587e4fc
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d48a6d593d7b48e16c2f70f8c72f8ac344042e294d30d5138c71e5bd9305a17
1dd3eddef1eb04d20cc7fc93fa7646b452e6dd7e14fabbb6cb1a1a39c40780ab
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21755031dfd12b4d329ff9923ababc9dca8e61432b1223338cd63dd072326a2d
24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786
2f5284341d5659d86092d9e603cfeaea5cf96c62206aaae4d9125ae984a174fb
3072ffb9156177e631107efaaaa6ff98ec3e47a33735298da77da8e35fefa24f
320f1b370eecb7fcc7cf5bf086ae088eef92c5b7cacd771f2f07a10510288833
329cc3335670624e2dac5459a39b68068a9a8f8fa2af3da968ad024909178df6
338c62489915ad448e889a5c3d3186762fcb3d2298fe78aa206fd1a34bd5aaba
341e98f54770f96e6e22dddba84d617350e9f04db72f9daec6569ec42c756a6d
38c955b1da8fd9beae7ef0b45020e81d0140fbc070ffc85cdc7fe05ea7e652b4
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
4330d40d3724d1de6e4cbfb370e8c1afae87bff296ea22695dcf3a7a6e065d01
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f71ff5f7d40bddc186c9ebdc76f58f5e94d5e2ae7525a144abb90daac38b36
450a1bd6afb68a3f761c74a7c55168e12285cf388cebf0ab35a4447b52900bda
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4a01db98ae177a32788519ba5dc32b56c498c5fc3c38280f01c0814be7f52916
4a876e8b3fccd5a64fce0e8774a20dc85ba93d321c7b006aee535ca239852675
563286f79ca01010cff7b958dd4edf786592833b4a0ed5c0f7146023d86cdddd
56837cda447dd918a89b27bdc6ce4074193815c914297720515c1a80f35b29d9
5ccddc0d88ff7b2535cdf6bb759c7fd8c81edfb07971648b22db1da8741854a9
5d40e831b14bf8b4140e0c69b164478f70b67e3693d9bf31ff52e6732e50be74
5e86cc826f91a05a8db3ccc036a52384debb48ab5fe06c44cf26b6a930f949ca
62522546f9d00b4d2749e9521c5669f3f33f2c86147a23cd832580a7a97ccb2d
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6559cf2340925720ade5eca6dc98364f5115c5cd889fa8800a3cba9dc862f044
6610ca45f638ddddb73e0ded362a5aca3b7889f5ab3ce375d12f6a6723dfa231
6a6655ada1976b8afd726e8db21ac95a3a8bbed6c37ff346b080510b617801b7
6ac2dee3b78e8157df96045a112dd658a5f37d0fd06e3fc79ef00d217d7e6d24
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc0ebccf2d2796aff6f943219e1b8dda9b566780c6669516a3b175138db686e
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73faa895a3d9b63bed510c1f3b950e0a4971b490bad97b07b0b1329f99694f3b
7b9011da166428afd8d9a28c05293e8f77f51f64ab811cdcd1b8a9a8dcc5d677
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7e48e7f37c661cb8f1280c5fa60e169052e169a81bd53ccca58b7d9c9b392bce
86f4e1d0155fd3de6ac53fdc7171626a8fa54edd51270047a8a458ac459c01f1
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8f16e028a17488737f5a85c55b9759a1d5120b20968a554da2cdfbe6c27e99f5
9120d4810650253e40f4038ae091263c729e94b7024ca8a75fdcb9a2b73175b9
925146dba1bb27435ef79098b2483fe7c6a65ddfcf84ae5d2186d22238070887
9ea915e2de12d0b730311d15617fa86445f2fa8cfdb69d66bfae887a650c4b43
9ea9e6be9e91abb1a1901d26c4722f2b3fef05128613c6f53bbd197649ff4492
a0195cd81f03b3096ca0fee614152f1c21426db36ff2dc2dce9ba0e299f59564
aabd7b76710107bbc1ef4f2d22cffae6b18c5c6fabd017b2596f161d98443e0c
ab1d861f40e0b7a2773c61b30eaa39ba2af3d479aebd83dd7e03161de0e25298
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adef62602f3fefd4e6f1d58bef7ff97640f6a52b55cc379d67ee4a283f3ac0b6
afef0a4397d7412cda4bfbb55ce245837971e7673ccf8a03981e5d8aab69d837
b74a6c2cac845992a0c5c76192d29983fae4c65acc8d2c7adff6f9855a5d4116
bce8444ba7b7dfb303a0ccbd80294f73011e0ab01a3791305422045c78093723
bd0311142ca773d44709ca3ecbbfbc66a243341bdcc5dd59249dca257ee2f921
bdaa47e6ca29b4c93db41ba7b604c44644187eb8c1feb8c8cb5c79b69b9b56e2
bf6e6a2b4a0edb892e20359e75033e23f4c39f6907e3d2ec917702388bf598e0
ca5ab22006904a17f355d15cd1417883c8e95e0da74f26c0e32795324a546dea
cea51d590bb6b8370d714f4888ba5ffc833284457b8cf8db99f819f8791aef7e
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6f515cdef5979110e48ce69af644f641881ae8307dcddd058c138fc3bede5e3
dab4f8f4e7c95c27d8926c5472ac27a2b33923500ab49e173fe639eb930865f5
db71f7566898814271badfe8098fd9a11fc3e71b55bf9def7fd5eabde11f56ef
dd20a5ae445a0c34086b9a504c099ecfe640c1dc0d9d97b5911e10df7ac46961
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44fcd7f19449ecf2be783dc225a6fe82011aff7746772f487069b9065212b88
e719fdb4f3b5ea8de43912f0f77c8eeafb683ac814f90ae3163009c50a587bd1
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e8e3fe916f41d2caf59230912dc2810b18a04502b6f38a3e0207f0fa962d7e5b
ea6b928319c82a8c71b6e3701d78974043230cf9e6f9117c0be5e2de436ea8da
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eba6b8ad3168acc141b3a57c95dbdd1ef513a28afd38cf8fea3ee75b8f31cf7b
ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f161a6aecdb6c7aacde04e087dc13c062b8fc527134a8b91eadace4f9f05c002
f7fdbab0ae1e27ba48e1cfadf4e6586c955e861fcb1b370ea5d2b6e4597ab3d9
fa72726221ca83d885772a09a99998103178a9b9bc38e36ccf6ff2c1256de659
fd7111b4e5182358cd90d47b192332cb7b5ffcfbd06d55107f9fed006c0b86de
ff8130734b94499236fbc87d715bd63ca079cba0a7f81e5a586fb6bdde2f0deb

g-plans.com Open in urlscan Pro 34.68.56.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

94 %HTTPS

60 %IPv6

28 Domains

36 Subdomains

35 IPs

6 Countries

4235 kBTransfer

9233 kBSize

14 Cookies

4 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

g-plans.com Open in urlscan Pro
34.68.56.245 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

94 %
HTTPS

60 %
IPv6

28
Domains

36
Subdomains

35
IPs

6
Countries

4235 kB
Transfer

9233 kB
Size

14
Cookies

107 HTTP transactions
7 data transactions