hellosehat.com Open in urlscan Pro
2606:4700:20::681a:17b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hellosehat.com/
Effective URL:
https://hellosehat.com/
Submission: On November 29 via manual (November 29th 2021, 10:32:59 am UTC) from SG — Scanned from DE

Summary HTTP 361 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 34 domains to perform 361 HTTP transactions. The main IP is 2606:4700:20::681a:17b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hellosehat.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2021. Valid for: a year.

This is the only time hellosehat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 123	2606:4700:20:... 2606:4700:20::681a:17b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:5dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6811:a872	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
2	143.204.98.117 143.204.98.117	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:310... 2606:4700:3108::ac42:28f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	216.139.248.131 216.139.248.131	32400 (HWSERVICE...) (HWSERVICES-32400)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	64.233.167.156 64.233.167.156	15169 (GOOGLE) (GOOGLE)
2	143.204.98.104 143.204.98.104	16509 (AMAZON-02) (AMAZON-02)
2	64.185.181.238 64.185.181.238	40009 (BITGRAVITY) (BITGRAVITY)
7 12	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
6	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:836::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:1d::6	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
6	143.204.98.28 143.204.98.28	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.45 143.204.98.45	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
361	51

123 2606:4700:20::681a:17b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hellosehat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.hellosehat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
subot.hellosehat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wp.hellosehat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-together.hellosehat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:5dc (United States)

ASN13335 (CLOUDFLARENET, US)

lead.hellohealthgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:a872 (United States)

ASN13335 (CLOUDFLARENET, US)

hellosehat.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eitri.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net

jb-on-site.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28f1 (United States)

ASN13335 (CLOUDFLARENET, US)

together.hellobacsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.139.248.131 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-131.aus.us.siteprotect.com

hbs.ph.affinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-104.fra50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.185.181.238 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b.bitgravity.com

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:836::2003 (Washington, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznle.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-28.fra50.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.87 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
123	hellosehat.com 1 redirects hellosehat.com cdn.hellosehat.com subot.hellosehat.com wp.hellosehat.com cdn-together.hellosehat.com	3 MB
64	googlesyndication.com 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com	345 KB
51	doubleclick.net 7 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net stats.g.doubleclick.net	603 KB
18	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5lznle.c.2mdn.net	2 MB
13	useinsider.com hellosehat.api.useinsider.com jb-on-site.api.useinsider.com location.api.useinsider.com segment.api.useinsider.com hit.api.useinsider.com assets.api.useinsider.com eitri.api.useinsider.com log.api.useinsider.com	171 KB
12	google.com accounts.google.com adservice.google.com www.google.com analytics.google.com	77 KB
8	gstatic.com csi.gstatic.com fonts.gstatic.com	206 KB
7	cloudflare.com cdnjs.cloudflare.com	84 KB
6	facebook.com www.facebook.com	703 B
6	trustarc.com choices.trustarc.com	29 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	226 KB
6	googletagservices.com www.googletagservices.com	218 KB
6	google.de adservice.google.de www.google.de	2 KB
6	hellohealthgroup.com lead.hellohealthgroup.com	25 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	1 KB
4	teads.tv sync.teads.tv	688 B
4	openx.net us-u.openx.net	503 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	facebook.net connect.facebook.net	202 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	googletagmanager.com www.googletagmanager.com	185 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	877 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	affinitymatrix.com cdn4-hbs.affinitymatrix.com	85 KB
2	truste.com choices.truste.com	19 KB
2	affinity.com hbs.ph.affinity.com	15 KB
2	hellobacsi.com together.hellobacsi.com	4 KB
1	hotjar.io vc.hotjar.io	257 B
1	smartadserver.com ssbsync.smartadserver.com	75 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	582 B
1	blismedia.com tr.blismedia.com	141 B
1	quantserve.com cms.quantserve.com	463 B
361	34

	Domain	Requested by
56	cdn.hellosehat.com	hellosehat.com
47	hellosehat.com	1 redirects hellosehat.com
35	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com hellosehat.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com bid.g.doubleclick.net 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com googleads.g.doubleclick.net d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com imasdk.googleapis.com
21	securepubads.g.doubleclick.net	hellosehat.com securepubads.g.doubleclick.net www.googletagservices.com 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
15	s0.2mdn.net	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com hellosehat.com s0.2mdn.net
14	cdn-together.hellosehat.com	hellosehat.com
12	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net hellosehat.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
7	cdnjs.cloudflare.com	ajax.googleapis.com
6	www.facebook.com	hellosehat.com
6	choices.trustarc.com	choices.truste.com hellosehat.com
6	fonts.gstatic.com	fonts.googleapis.com
6	googleads4.g.doubleclick.net	bid.g.doubleclick.net hellosehat.com
6	googleads.g.doubleclick.net	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com hellosehat.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
6	www.googletagservices.com	securepubads.g.doubleclick.net 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
6	lead.hellohealthgroup.com	hellosehat.com lead.hellohealthgroup.com ajax.googleapis.com
4	sb.scorecardresearch.com	2 redirects hellosehat.com
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com hellosehat.com
3	www.google.de	hellosehat.com
3	stats.g.doubleclick.net	www.googletagmanager.com hellosehat.com
3	connect.facebook.net	hellosehat.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com hellosehat.com
3	www.googletagmanager.com	hellosehat.com www.googletagmanager.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	bid.g.doubleclick.net	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com imasdk.googleapis.com
3	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	wp.hellosehat.com	hellosehat.com
3	accounts.google.com	hellosehat.com
3	hellosehat.api.useinsider.com	hellosehat.com hellosehat.api.useinsider.com www.googletagmanager.com
3	subot.hellosehat.com	hellosehat.com
2	ajax.googleapis.com	lead.hellohealthgroup.com ajax.googleapis.com
2	analytics.google.com	www.googletagmanager.com
2	ups.analytics.yahoo.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	r1---sn-4g5lznle.c.2mdn.net	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
2	fonts.googleapis.com	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com ajax.googleapis.com
2	cdn4-hbs.affinitymatrix.com	hbs.ph.affinity.com
2	choices.truste.com	33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
2	8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	log.api.useinsider.com	hellosehat.com
2	hbs.ph.affinity.com	hellosehat.com cdn4-hbs.affinitymatrix.com
2	together.hellobacsi.com	hellosehat.com
2	hit.api.useinsider.com	hellosehat.com
2	jb-on-site.api.useinsider.com	hellosehat.api.useinsider.com
1	vc.hotjar.io	hellosehat.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	ssbsync.smartadserver.com	d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
1	cms.quantserve.com	d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	eitri.api.useinsider.com	hellosehat.api.useinsider.com
1	assets.api.useinsider.com	hellosehat.api.useinsider.com
1	segment.api.useinsider.com	hellosehat.api.useinsider.com
1	location.api.useinsider.com	hellosehat.api.useinsider.com
361	65

This site contains links to these domains. Also see Links.

Domain
luminaaesthetics.com
dharmais.co.id
mayapadahospital.com
www.omni-hospitals.com
www.tzuchihospital.co.id
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
hellohealthgroup.com
hellokhunmor.com
hellodoktor.com
hellokrupet.com
helloyishi.com.tw
hellosayarwon.com
helloswasthya.com
hellobacsi.com
hellodoctor.com.ph
www.dmca.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2021-09-20` - `2022-09-19`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.ph.affinity.com Go Daddy Secure Certificate Authority - G2	`2021-04-07` - `2022-04-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2021-10-16` - `2022-05-16`	7 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-07` - `2021-12-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://hellosehat.com/
Frame ID: 3155BFFFA2568C6277F3E1B30E01E480
Requests: 200 HTTP requests in this frame

Frame: https://hellosehat.api.useinsider.com/worker-new.html
Frame ID: 87C8944D06CC43E5861242C22373C175
Requests: 1 HTTP requests in this frame

Frame: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8ABD2473386CB0DB85B91EF6FFBD190F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzutxrdkYbGJ1p9orZPWjuupoI5Nf59ZzcI2uiVYVovprCwfZhaWqGbGf3xz1BfXRJUctN5oMjOeUJyOjIUhf3k0E1YSBqvwNDKvfltDRRXXcA7LEC8DAL3TG16tcB__o7sosVdZHaxGsQn4ruKYioUTa6oWPSERaPaPNiO8Z_dWsn2fwg0OKgnCqs48Jov8x-q7_fEhEPQPLChg8_-4he0si4W9Bam2JTdcYrPfQuTqYV0Cgwl7GJGDWi1LBKSxsm11pxq_3yYOQFi0QGmfZdC2twRkP4tDIvAsV_RYqC_QZ6eeLCrHLCLaHgvu86ZnLh-ANaeDrNvbvyqx1_vDaMtmg3j32Txq8UyA&sai=AMfl-YTfZpNrDZVGbFr7AeaTvc_WVHDs5XV-jDMBEkzYHEyYnUOQlGmL7hxQRrdHs2oD8l9EOJkk83tPecXt7SMVKuiRvm2VlHHObK6Hraa1_rW3WZFtbnICVhcCr3EjAKo&sig=Cg0ArKJSzEh1QNxw27OcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8378DC2DFE78120D73BA2D297D531E8C
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW5M2mVmyG7cgDfbLHftp4HpBUBsYNOuax39ODMZzC8-KU4zqEd9G6ghj1-x_seJ3Baacx031I8P9Wp-A-P_xtrVuiyniyszBSfMpKmaghZnvDcJgQkZ5meSnP7stsNey_D6YFQ81mK08M7lnNWpqdTQ6qowE1--JLc5yWOAsjuK9b2v7ktCVvtT3S3sIoY16gBRqQpZSOVa67GtsKzb7Rd_84rZ8DGwXo8vnLmu8ktpV2y3eerGuAcowgk9Oy7_7WcbS3rbP4Z5jXMMCSqTUq5ZkSJPu9Hb1puB4opuh7jxag56EOsSamjZvpBlPOhy62cZCsyaFDYVWl8vThqBAWFxgHBBkF_3Kc0A&sai=AMfl-YSObMiNS9mU24ZFIwKMprTWRmOBA1c5AQY1QuVsS2smp9B3sEBnexcS5j9hc9rWitUhHdYdO6NJn3Cd34qm-XbkUBOiLgjhwkLmJmqKAWaxMhrhPTFtb2CNdoAaBwYA&sig=Cg0ArKJSzIWGQUEmyUyoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7DD26CB981223B1720360B985A8C25A7
Requests: 13 HTTP requests in this frame

Frame: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C28247F2059D2507A789483A7BAC796A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7XQouFItOerZr79FW1s_RoV4YYULOzk8vVcYLV2OUeBEfdhhVA0MUFqAGpfbl64vsM0kdB4aAW1h-7xCZebTNvsvMhNoUOLFnw11zEuiH2gX_p9LsAnMZBHe9GSXjLipLd4IG9YTe7rrgwPjTCT1YtuX-thluFz-hQsC2azKmY6oJJ_HcIBxMqg2wxl_RFisZ0J_uUKknQXIg6RmYEtlc_D1ur04SxTeXXscTlyES7twP3m8PJN4roDyB14vxkGL9Tn8TMzvj3vwVzMSvt2MnEBR6X9uPrEeDSNwi0vBICENMsUZhxcSZ2kPVfpb_bjx7bm1Vky8p3atL0vD4rmoJBe6ppF4ofJGD9Q&sai=AMfl-YQr8FP-pTtLNWG0VF1rIgV--VnIGTND47xovvoHMU7e_SY7W2SNttl5Msr5FYTimLGODYwpB2IHfzeaunkMyY1co0cVITcq7CNLhOGAynOOY1kFngt85oqSKuo5VOM9&sig=Cg0ArKJSzH9a05ylZNHsEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A528B7F25802A99754D172CE359286D7
Requests: 12 HTTP requests in this frame

Frame: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A4A9E6B7F5FEF8ED8BF5C4A7F3D9D3D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A935A1178D3B589774D1D7161600901F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C110E2FED6A7705F479A5254458EE393
Requests: 2 HTTP requests in this frame

Frame: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4148C7F309DAE3BD4C9DAB594BC4D367
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiG7oW6ATAB&v=APEucNUWXk4bJBUHqEBaoH_XSokdLY0KShACvLXQDNwjhykODbZ73SYlb8u-8dv293K9x9HPNq_ngenNwOVboyZbAAWZi3F8D89by4QsE29VntoFRvRACL3zI8hhzd4qsPlKOR-k4fmofkHoj2rcmHGN0Z9EFXhVULzlEyukObduAiM-o9mskDg
Frame ID: A057AA054900D6DBE25FCCE38B19743A
Requests: 5 HTTP requests in this frame

Frame: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 802BDAA4053A9A6EA97EA8A5A48AAAD5
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNUjBAmPraqEzHS7_jBwHyl5BigR7v3AxJfQrxDzZNcZU6AheSQFV3klm--n6oVzu7Z3B4xeOjnvIIeEA3r87W004AzOvyQnMNZNLy23-oxX8IDu3l_laH3d2bveaoH8xIcpz33EpjoreK9QNFvY9a96hT02FtG10uz2z_3J8cRiEiDN4_s
Frame ID: FFB8E8D4A40B9BF885E6E1E300FB2FCB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A591276E2DAFAD9E123A05A3839FD5AD
Requests: 3 HTTP requests in this frame

Frame: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 409E655CA7120ADFCCD8ED93B277B39E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B97075374DC91367F711B2ED4C22D248
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD6DE5E2BCD12CADDF21507ADD10A9D2
Requests: 2 HTTP requests in this frame

Frame: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 744E8E7FB34E3C40DB4CE86EAFCA7699
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNUoEVd18gr5zE6Oxw_vtBrL6xOjjot7nmmpcLQ-XsXpl1hgko0RbsQR7RBGuBlRGBNK9-N3jzCQlAFmBXglsTyzmp17Dx0ZPfPN0e6Wg-43szjJqOKMMlGCvBIzbuhT2eoPj_tfpYCFPsuIdDHBd1qjy2qltBnIGnuRpJTOJQRsK8VlEgU
Frame ID: 647C98661F8145CA5AA4C720EE6E5778
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CC7A89CBE96A7F173FB918D541181F5F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 491992D8E4D8B54680661983625FF04C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
Frame ID: 7A5E6C846E2FF3EEE3D47E4DEE6F7D55
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 08CCCA339622551EC2134405A15508C0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A2E2E5BD9899BA2FA71D17906EE6771D
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: A86421B9DBBA956F0F59015A20E033F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B7443343F2174BA09C97C13D686503ED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FA9048D977125D8CEDF1205C46DC327
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E89726830B9A560167836AE77ABADF03
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EB49DAE6B8D5502CB8A9DC6DA6D1CEB5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hello Sehat | Pusat Informasi Kesehatan Terverifikasi Medis

Page URL History Show full URLs

http://hellosehat.com/ HTTP 301
https://hellosehat.com/ Page URL

Page Statistics

361
Requests

96 %
HTTPS

57 %
IPv6

34
Domains

65
Subdomains

51
IPs

6
Countries

8356 kB
Transfer

17847 kB
Size

39
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://luminaaesthetics.com/
Title: Lumina Aesthetics Clinic

Search URL Search Domain Scan URL

URL: http://dharmais.co.id/
Title: Rumah Sakit Dharmais

Search URL Search Domain Scan URL

URL: http://mayapadahospital.com/
Title: Rumah Sakit Mayapada

Search URL Search Domain Scan URL

URL: https://www.omni-hospitals.com/
Title: OMNI Hospital Alam Sutera

Search URL Search Domain Scan URL

URL: https://www.tzuchihospital.co.id/
Title: Tzu Chi Hospital

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hellosehat

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hellosehat/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hello-sehat/

Search URL Search Domain Scan URL

URL: https://twitter.com/HelloSehat

Search URL Search Domain Scan URL

URL: https://hellohealthgroup.com/indonesia/
Title: Profil Manajemen

Search URL Search Domain Scan URL

URL: https://hellohealthgroup.com/careers/
Title: Karier

Search URL Search Domain Scan URL

URL: https://hellokhunmor.com/

Search URL Search Domain Scan URL

URL: https://hellodoktor.com/

Search URL Search Domain Scan URL

URL: https://hellokrupet.com/

Search URL Search Domain Scan URL

URL: https://helloyishi.com.tw/

Search URL Search Domain Scan URL

URL: https://hellosayarwon.com/

Search URL Search Domain Scan URL

URL: https://helloswasthya.com/

Search URL Search Domain Scan URL

URL: https://hellobacsi.com/

Search URL Search Domain Scan URL

URL: https://hellodoctor.com.ph/

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=752026fa-bb3c-450e-b184-b8051d04e5c4&refurl=https://hellosehat.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hellosehat.com/ HTTP 301
https://hellosehat.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1

Request Chain 196

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaSsVEjljdCWLYe8LLUrFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPIxcL4Dcwvn71mRX_JNYCc&google_cver=1

Request Chain 198

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3MTEzMjk5ODc1NDQ1MjgyOQ%3D%3D

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1

Request Chain 266

https://gcdn.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/22BDB7DE65AB8892D759EEC6293D7674CBC5CE4A.B48BA6ACD888AF5A6B22A85EEC9BF363E515D9E8/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/445969E527DC7C515E7F0FA0C2020D74DA541EED.0C50142032B9BEF93AC593A77994CD4242A91574/key/cms1/cms_redirect/yes/mh/y7/mip/2001:ac8:20:90:13a::1/mm/42/mn/sn-4g5lznle/ms/onc/mt/1638181476/mv/m/mvi/1/pl/54/file/file.mp4

Request Chain 269

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKDOSOW57S3cd73sHJCZGUc&google_cver=1&google_push=AYg5qPKevnMH8Luueh0w-fD5Q5hkLc6RE9e0dT9WxxpGrwMcY-VtV8LA0wQ58ud1aO1G5LyJu8QpjVHHopJx2OYG6dwx3ras7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTkzNzk5ODkzODU2ODg1OA%3D%3D&google_push=AYg5qPKevnMH8Luueh0w-fD5Q5hkLc6RE9e0dT9WxxpGrwMcY-VtV8LA0wQ58ud1aO1G5LyJu8QpjVHHopJx2OYG6dwx3ras7A

Request Chain 270

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMlb0XpaGytRwsjMNZvfIYU&google_cver=1&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXqvODOxZv2RC0RJe1gaQvxInPcyi3D45oDeMru1Y HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMlb0XpaGytRwsjMNZvfIYU&google_cver=1&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXqvODOxZv2RC0RJe1gaQvxInPcyi3D45oDeMru1Y&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sQ1E_x7rgY4hwyr2NSDb3Q&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXqvODOxZv2RC0RJe1gaQvxInPcyi3D45oDeMru1Y

Request Chain 271

https://match.360yield.com/match/ebda?google_gid=CAESEAsN8ekX40RmouUkQ-X62yg&google_cver=1&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAsN8ekX40RmouUkQ-X62yg&google_cver=1&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ

Request Chain 273

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInKjIEnMs4GlzaQssYEVKE&google_cver=1&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4iuxRq__Tf55hO2KSXFozc1v0ZtO HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInKjIEnMs4GlzaQssYEVKE&google_cver=1&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4iuxRq__Tf55hO2KSXFozc1v0ZtO&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdG1KOEJKRTJ1SE9iM2xTSmg4MEdLSURZaUJvLldVS35B&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4iuxRq__Tf55hO2KSXFozc1v0ZtO

Request Chain 312

https://sb.scorecardresearch.com/b?c1=2&c2=23452237&ns__t=1638181974032&ns_c=UTF-8&c8=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&c7=https%3A%2F%2Fhellosehat.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23452237&ns__t=1638181974032&ns_c=UTF-8&c8=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&c7=https%3A%2F%2Fhellosehat.com%2F&c9=

Request Chain 338

https://sb.scorecardresearch.com/c2/23452237/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

361 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hellosehat.com/
Redirect Chain

http://hellosehat.com/
https://hellosehat.com/

496 KB
65 KB

1611ms
1569ms

Document
text/html

2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

2b2ac5f2984c2c890fd690db56bf69ad686c92b54348a7c51deeb3484b8fe99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyx2VSzpGsx7Nfwd2MvnrZ7ua2PYIczJ5yE4Cjy3u6dcOYr2Yb8c9jEzt2AT3IXz9c2bJNmjxP1UEJzi6aDVbPfC74uPaAZK9siiUs5CsmH929tQw1GmFMwi4eV9ESneaqvtbXruuQw0G3A1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b5b2c9aeabc0f52-MXP
content-encoding: br

Redirect headers

Date: Mon, 29 Nov 2021 10:32:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 29 Nov 2021 11:32:49 GMT
Location: https://hellosehat.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTY6Pg7iLIoN%2BJc8OznPsvHw8pWXYQcPngd5hS7Jnx955js0GBUghDEQzJsIn15ADbKiz9G1C3rARe0HlLSaN2NfadfetCFhK40UaG%2BahSNYKAfuA99NicBvtgccayWNopjyQ6O866qA8T9%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b5b2c9a78e759dd-MXP

GET
H2 200 closeLight.svg
hellosehat.com/images/ 311 B
525 B 40ms
40ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/closeLight.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0652909f134a574590008eeb0b838fbe4db4fd04cebbc0604e2ade895514c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260725
etag: W/"137-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e0fgQUIjcGSLdzX%2BXzHg86knZR2HgP1m5dBCcpiKFIsUoKBVfTr%2F7nHpPqLTNX1qprICvX75302%2B%2B3TPzTNO3z42PlA8IIS3hcYxn9bRm%2FkFyayaoDvGrbdpxtb9ZQjT0%2BRNoFWMJPl0Gxl"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca65eca0f52-MXP

GET
H2 200 arrowDoor.svg
hellosehat.com/images/ 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/arrowDoor.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f41ea689c83498fbd45ad948229c6352a01982b5f95c74303903595f5c20175

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260725
etag: W/"86b-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVAFfn5Oy34KJL%2FlSnlkfzmbrLBmSvRxBD647%2F7sseGgoJY7JcjArQwQAy7K8F28zBJbsquHZYnoO9KrIdhO7B%2FdfA%2Bly8h85LceRYV4Bg68PJQhAk5AGfnbAJr3wSqG698HDKEMS1T%2B3Mx6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca65ed70f52-MXP

GET
H2 200 tip_welcome.svg
hellosehat.com/images/ 4 KB
2 KB 67ms
66ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/tip_welcome.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5ac37135b1519a5eefa4c2a5d27ced028c56e7a981f4a74e2391f00d1ef018b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260726
etag: W/"fbe-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BErvIMqJ%2FL1SA5kEhFX76iLYezzykmrrTM3vr0TEcK84x4j%2BTws3RLLONu7KJ9CBNMBPELOMNPuvHKLbF5MUL7dShch9KMmlsKzlekK0hW9EkUkKoXfDycis3XS%2FvSyi2TvypxakJGXTsLet"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f630f52-MXP

GET
H2 200 3e97a719-covid-19.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 3 KB
4 KB 71ms
59ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/3e97a719-covid-19.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec76e23362b97b1b7aec0300d2d222b5bbde5592ea2b82a76fa27782b1a65e97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=2vWeiw==, md5=mxn6N+om1Lt1m3ySx97vew==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17727
cf-polished: origSize=4564
x-guploader-uploadid: ADPycdsLKEig0ikP6ysEhMCkdCZ7uhaMDzGmGsX-PlWc6O9SlwxMriLAM0SYtzAjdhsPL1hzLT4PyNxzdO_vXLSy9U9Y78aAiQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441397
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 2976
x-goog-meta-height: 96
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 15:37:24 GMT
last-modified: Mon, 16 Aug 2021 06:29:12 GMT
server: cloudflare
etag: "9b19fa37ea26d4bb759b7c92c7deef7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq5ucaTxKZwZopwDLeYHgnHMemXSbIUdHKdIlp9lEHkwHNAT71Fjfjh%2B1chDqGjV%2BtiWiiKRINLVCrMFR%2FCQl5CSHSqNp5JENbge%2Fl3BUeAsmxpK71EmSszghmwHSVRg%2F3UlzcZXzmeFC42e8tjEpA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629095352740956
x-goog-meta-width: 96
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 1fb7fb7b47262fb19c852dc879a88b93
x-goog-stored-content-length: 4564
accept-ranges: bytes
cf-ray: 6b5b2ca69f830f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 closeWhite.svg
hellosehat.com/images/ 313 B
459 B 48ms
47ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/closeWhite.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d14340e0f6d32722c7a3b9b770ae935a25f87cb6eafaa8b68dd83f6dbc58e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260725
etag: W/"139-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgYPphXlx8Wl0l5gAbu%2BXDYvgjCryCN%2F%2BVx8AI%2FhehhI9ukQ8KRQfCLVarmf53zgYlXoRbHi35im3MKed1DWotwY47fIkGUa2kY%2Bx9RhJnVnmJNcqPvJU5Gc47JrnEV46U62L8DAfVMXDJHq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f660f52-MXP

GET
H2 200 badge.png
hellosehat.com/images/ 4 KB
4 KB 53ms
53ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/badge.png

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cc79d7319f1f6b1d0709bd67e54da60188318ce7f57f6c56fa766f4bc0f90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260725
cf-polished: origSize=4926
content-length: 3831
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
etag: W/"133e-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCdOtmmbGxoobdRZGuLXg%2BJ8yQKCL%2FLBwSi%2BKDrP0ePuuRfohHpHS7FdOlnLOHUXxGDg5wC6Qk077W10xTHOSW%2FZc84YRdv9ISsprpBrydZyLlKqsbSv8uCL7L3pO2wj0R3G5oyfwEi%2Bs1S2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b5b2ca69f670f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 search.svg
hellosehat.com/images/ 478 B
707 B 52ms
52ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/search.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106bc8eec675a8f12658a8871e75f74256b505d9ae284b7ea6a6b04b863b7c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 256545
etag: W/"1de-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q%2BOXPqr3ffiUAOpHvoAEQYmZ8rcQO9LTrijgyRIMoI66uqpRroQuqdsd2fjt35BZzsHOmtmQLcY1PtSVjf5ljDs8wGhlP%2FfV64mOhpn%2F0hq7ToYwKesVXZu12fZND%2BRwJrQm09LJm7tNp%2Bn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f690f52-MXP

GET
H2 200 chevronDown.svg
hellosehat.com/images/ 213 B
473 B 45ms
45ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/chevronDown.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2545d39df83ef1c13400d20da3f5605937ad772d8e5132e36cedbc4c764821e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 256545
etag: W/"d5-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwZ1uuq4rN1ODN51%2FXcgar7pSg1CQO679bxjyQ%2FqAaeniMAXenajyfUXpi2vrWHGqxXGi5CVTW4xXlplZAf7c9rg7HJQi4iJkBxFvAGwtzuHSSEn%2BKqL%2F7srbscuoCXEJR8JVXrG%2FHtQLdD1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f6b0f52-MXP

GET
H2 200 chevronRightActive.svg
hellosehat.com/images/ 213 B
486 B 53ms
52ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/chevronRightActive.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb6a3c2bcab385de11a6d19fa63ba727c8a099317fa40d6941844a639152d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260726
etag: W/"d5-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5cXoqrNsMptGh9Nu7wdRljhAhp747ovDgLUHVe%2BpN%2BoCnrl%2BE7Q%2BHdLr6yiK0A6FKfeeXbsWF%2FXt0eOJCD9rDtTgtSITY%2F7LXIlvfTCh1xbrkg0N4HJe1Xv4FaCejFewz3iWRI6mHsveVVm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f6f0f52-MXP

GET
H2 200 close.svg
hellosehat.com/images/ 315 B
465 B 43ms
42ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/close.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bfaa688d95f3ab90a5c9e73dd05d6827b411685f3237b6e7c34706b8681e445

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260725
etag: W/"13b-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgjXPmjODc8yeU2wQkefQy40eYVUz1hrqvtKSf%2BvlxczGWhAQkAqviPDxDzKxbrUZH%2BO%2FcbvUglCPk%2FmJhwNlSm%2FFqfClh3nGhlgWAuVsT9aGO6P%2BVGBQSuPEgY5hV7RlQBTlzE2pHuq%2FaTi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f750f52-MXP

GET
H2 200 b2982fb7-other-skin-diseases-1.png
cdn.hellosehat.com/wp-content/uploads/2021/11/ 5 KB
5 KB 73ms
65ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/11/b2982fb7-other-skin-diseases-1.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd5fa1ea23b52949a183aed658634af68c40ab68c32faa297eb206bd1586ad9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=s1Y5NQ==, md5=egg6CI/assh5j+PiM6P43w==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13011
cf-polished: origSize=7341
x-guploader-uploadid: ADPycdtRV9hgCccOyZ1ragIBXRjewsgMxuKowacwVLwRjFXqEFuQRxoUw2nBCbr5zyyIrJCjMxaTkyA7WllF7NJas34
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 455888
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 4984
x-goog-meta-height: 201
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 16:56:00 GMT
last-modified: Tue, 09 Nov 2021 02:06:09 GMT
server: cloudflare
etag: "7a083a088fdab2c8798fe3e233a3f8df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqjhG3oIiywSeb020xu%2BrGQlkkcyJt6ht7t0aV4e2YligSg6RlWoNfrdZh7vABZgz5IqQaR94CxBVFIPhl2cItoKDJpixjLyBCdSq1IAk6Nb9zflHwiRF4rxmt7JUWnZeIMhtHtCZAMgJqI8bWIwJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636423569473564
x-goog-meta-width: 201
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: a47c918a1caddb63e8b8d80fa43b6588
x-goog-stored-content-length: 7341
accept-ranges: bytes
cf-ray: 6b5b2ca69f880f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 90068423-icon_alzheimer.png
cdn.hellosehat.com/wp-content/uploads/2021/10/ 6 KB
7 KB 73ms
65ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/90068423-icon_alzheimer.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 430e1bb0dcdc695ea1d1eca0fa65b13d3c791c559aaa9db857feb2c45afdbdb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=F3IlHA==, md5=v5Auf0CBjp1dpLSHNKZFBw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8935
cf-polished: origSize=9872
x-guploader-uploadid: ADPycds5GeUEE_Uv2NzXOBW9Duv6NBvX1AnwVyZZH2qerWihRAR0mpBCEiutlvlr3SV6og2at5i4Tz1NCti4wApoSV4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 454183
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 6655
x-goog-meta-height: 201
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:56 GMT
last-modified: Fri, 29 Oct 2021 03:24:00 GMT
server: cloudflare
etag: "bf902e7f40818e9d5da4b48734a64507"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C19%2Fr%2FPaZkblH9dCSjCQ53fuJLmJ6me1GTDq6GsghqOB3JFXmSonfZVPg3BBQ7NBdf%2FQu8Mk5iMefBd8glswWeNKU0pND4uTqRG3Z9cNcW2eHOrgWrbu9CPAPu6J00K%2BnYsoZXAalvY43n6Bry6Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635477840017301
x-goog-meta-width: 201
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 2462553dfa221fa0b4d667e4c4fd9b98
x-goog-stored-content-length: 9872
accept-ranges: bytes
cf-ray: 6b5b2ca69f850f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 6c859d50-icon_diabetes_2.png
cdn.hellosehat.com/wp-content/uploads/2021/10/ 7 KB
8 KB 100ms
93ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/6c859d50-icon_diabetes_2.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8206994ff08210448630fecd10eb45f55aa50040d4083ecc037727c88a2a77e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=8JSWQw==, md5=Mcpfaq3V50VwL9jn/sWzHw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8933
cf-polished: origSize=10788
x-guploader-uploadid: ADPycdtKJE9161A_ubGVGNu6cQZlkYPc2XCZyIxT4IpQNmmJT0WOQu0ocZN5RYlp0JaW3ldy9M3YijyCDUThsITPz0M
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 454180
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 7122
x-goog-meta-height: 201
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:58 GMT
last-modified: Fri, 29 Oct 2021 03:20:37 GMT
server: cloudflare
etag: "31ca5f6aadd5e745702fd8e7fec5b31f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7FkuBAAhuvNQkLmSVa51oLLDHsWRDSWHEBDlHiv%2B1Wi17biDisqoUprad1ChVX7MPrw40pBqOlppQXv5YN64b6m98jNFhVSRQFvvuw6TemchpjVPsePya%2BmwBaq%2BEv8%2BunDZNgfqdIV31tQ5wBLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635477637097963
x-goog-meta-width: 201
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: e10123651e4f0c34941dc960e3567d89
x-goog-stored-content-length: 10788
accept-ranges: bytes
cf-ray: 6b5b2ca69f8a0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 c2e57e42-icon_pre_peri__postmenopa_use_self_assessment.png
cdn.hellosehat.com/wp-content/uploads/2021/10/ 4 KB
5 KB 62ms
55ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/c2e57e42-icon_pre_peri__postmenopa_use_self_assessment.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01caed562ebc86751778ba3331331dcbb1d7e2e330c2a7b62c08f459984cfe9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=eKPECw==, md5=huU7fUHd9gLaey42BVprNA==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8935
cf-polished: origSize=8976
x-guploader-uploadid: ADPycdsWC8k0LfR0B_MZkPzOcR3hoNy-EjAAzZ0vEMNsJhANfZsm1QO381ZBGKkUOVWgYMN3mbhOqDHoc7L8ZBNUZsM
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 454177
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 4225
x-goog-meta-height: 293
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:56 GMT
last-modified: Fri, 29 Oct 2021 03:17:03 GMT
server: cloudflare
etag: "86e53b7d41ddf602da7b2e36055a6b34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjPEIuHMCJEg9FMbqUeN%2FD71lR6yOzwHhiEmRiaXh4X4%2BErLHjTHu4Bn4QmOQY1iPTLrqsuogaaSxcuzjUDxIQoENqa5gVzrFo1WCKSeCk6SU2gWKd8vePE1FUv95gQ4emsrUNqGlBivYBK0UEXqDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635477423871528
x-goog-meta-width: 292
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 03795a14d1d26c3609f95f47a0ca62a5
x-goog-stored-content-length: 8976
accept-ranges: bytes
cf-ray: 6b5b2ca6af8d0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 fee42a1f-property-1target-heart-rate.png
cdn.hellosehat.com/wp-content/uploads/2019/07/ 3 KB
3 KB 51ms
44ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2019/07/fee42a1f-property-1target-heart-rate.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75913f20f466004f58d79f803b42c1e895ea48a19f5b7250c2dc480cbd4d22e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=UfoPYw==, md5=89Dt4JvtVPwsaU9JkLEYLw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8935
cf-polished: origSize=5004
x-guploader-uploadid: ADPycdsjlZPng74ngv38Yv7a2NroWR9AUl8DXoo-kQdU7wArKgWb8liNyNBDH0x_uhzMNhrtF73LR3r9N3EJEqP3b0g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 451153
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 2622
x-goog-meta-height: 216
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:56 GMT
last-modified: Thu, 14 Oct 2021 07:59:33 GMT
server: cloudflare
etag: "f3d0ede09bed54fc2c694f4990b1182f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhrenY1pEuT1UQDh0Qx120C8XzBXbUplrl2DO8h6l91rgmafd06wZeeNBvRA%2FPLX59dBAQHwqxWuGB48wVQNvaXBjZdsgLQ%2BLYnly3EqFDdD72UrbaUfjFtdb3CJUr4jMcID65AszIvOAZ7QCtzJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634198373108656
x-goog-meta-width: 216
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: a97709e307d1ecf3090a0d9978431135
x-goog-stored-content-length: 5004
accept-ranges: bytes
cf-ray: 6b5b2ca69f890f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 5427c520-bmi-caculator.png
cdn.hellosehat.com/2021/04/ 2 KB
2 KB 129ms
128ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/04/5427c520-bmi-caculator.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d46339dafc1d32a8aaf81c5d90820b9fbd49576d95e42276b6319fcc5b8a8b99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=FHOwVQ==, md5=0hfMgg+jlX0+TxiiY76Pow==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8935
cf-polished: status=not_needed
x-guploader-uploadid: ADPycdsVlf14XA2oCLoAmWMP1fH9-qSTHuWIMf570mxHVfsDtswrSSmQshZbKJrF1P-X0ObnU6_M6jnTwkViIRRSKMo
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 416225
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1686
x-goog-meta-height: 160
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:56 GMT
last-modified: Tue, 13 Apr 2021 22:05:49 GMT
server: cloudflare
etag: "d217cc820fa3957d3e4f18a263be8fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bzhdu2DW6Ix54pSYNNbtq4Im%2F3SnOWm6pJPgklFnBhNknTXjpJHxAdsd37%2Fi8qL4TwO3naWKjGs9Txs2GdQhSH%2Bt0itOXAAgsSi0CzZW3u0aGkM7kcFKLXubqLp6UVjglhOIb9H4uYaPtcyjETbeYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618351549344280
x-goog-meta-width: 160
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 061ac4ef4ae9fda1ba6240b49e80bb61
x-goog-stored-content-length: 1686
accept-ranges: bytes
cf-ray: 6b5b2ca6e8550f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 ca44fa6c-bmr-calculator.png
cdn.hellosehat.com/2021/04/ 1 KB
2 KB 55ms
55ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/04/ca44fa6c-bmr-calculator.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdae988100afcf19315d358cc2c33a6252eb67a6df3d7a90cf742a3c10e56870

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=HMu38g==, md5=0PC7GJI0eazb8rsAKVd0Bg==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8934
cf-polished: status=not_needed
x-guploader-uploadid: ADPycdufsZcArfVzGd10ex9Qz9AwqvC4EXCdWPqzfJGjNQtxBuHlDt0bpzvMGlhqYqWtkbmPoNEXNdUFBWGD_rD1SaA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 416226
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1223
x-goog-meta-height: 160
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:57 GMT
last-modified: Tue, 13 Apr 2021 22:05:34 GMT
server: cloudflare
etag: "d0f0bb18923479acdbf2bb0029577406"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS%2B4ENDHBDi1usTeFK%2B4rQrfnJ9CZBWVgR9Kfx%2F1Z4YFoWr5ZRFePpvOe%2FPn28gwv8noOOdZYfIt68ef2YYawWvhPdvo4%2BKnvqLYeGd1nnS85IYHmMQRdrcazm0WReHB9s5O13vdbi0QgdhIShRa3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618351534193305
x-goog-meta-width: 160
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: a9d5bad2b15e990da8306e86416f2301
x-goog-stored-content-length: 1223
accept-ranges: bytes
cf-ray: 6b5b2ca779be0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 6e5e1200-due-date-calculator.png
cdn.hellosehat.com/2021/04/ 1 KB
2 KB 48ms
47ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/04/6e5e1200-due-date-calculator.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5fb43ced5486daab63abc79176d3884bc3674166630268f48158799d1b4dbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=D5O5Ig==, md5=7s6owLphHDFFJ9y4ZI4Xpw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8934
cf-polished: origSize=1139
x-guploader-uploadid: ADPycdudhNY75YXNnGE9OSuQlH0amtiMnxiIqzP_01YrtQ-dMmMt07bJ6wA-kPJquJ45U2Vr0gnpU1SyDO8y_oe3Y7g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 416228
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1121
x-goog-meta-height: 160
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:57 GMT
last-modified: Tue, 13 Apr 2021 22:02:20 GMT
server: cloudflare
etag: "eecea8c0ba611c314527dcb8648e17a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bThb0vjJEEaei0fMQHna0Waj6aFU1z4GajOA1kaVd%2BlxK2gaZXE32fs5uu%2F88mR0q40kTx6GMkbqcHRdYAv9NgtJlda6Oj%2FW0NMMmYS7AFdwCHpKyxTmtLfEMfJmnYef1UQ2d%2BGN8Iey49fNQpWmHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618351340519573
x-goog-meta-width: 160
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: c2e9a1f3a1ffd4ee3ebb53e648cafb9d
x-goog-stored-content-length: 1139
accept-ranges: bytes
cf-ray: 6b5b2ca7ba6b0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 429449ef-ovulation-calculator.png
cdn.hellosehat.com/2021/04/ 1 KB
2 KB 48ms
48ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/04/429449ef-ovulation-calculator.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57d17a8ea20280d11b5d3e7ee77633421c37c67b86a23908894af1f231239e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=QtuccA==, md5=J0xZtiC+jP8chEOXDR60Dg==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28638
cf-polished: status=not_needed
x-guploader-uploadid: ADPycds6d4Eu-myhYFU7wqAeuuGeA6cAz8weZZy-XnMC-iO78W8hCjLJSzp6DL4Fc8r3rbxICu61KCPHxHrOcHwqFcZ8yz_k-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 416216
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1041
x-goog-meta-height: 160
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 12:35:33 GMT
last-modified: Tue, 13 Apr 2021 22:07:48 GMT
server: cloudflare
etag: "274c59b620be8cff1c8443970d1eb40e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay9KuiwKdnZSK682tZNk5N84rJPk8geHU%2FhvdiiL6IMZmT%2FbCRDNsyjYBiJLRBOjgDlq2YDQg05B6AZEdT4Ri0QnruvU3e771H3SJNt0t18EMxN3w62N3WYSvND2baN6aYH%2FwyNxcsTim1y%2FOmSaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618351668855234
x-goog-meta-width: 160
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 504285503ccda460acc2ad38fea8896c
x-goog-stored-content-length: 1041
accept-ranges: bytes
cf-ray: 6b5b2ca7cab90f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 7f77c5d7-pregnancy-weight-gain.png
cdn.hellosehat.com/2021/04/ 2 KB
3 KB 50ms
50ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/04/7f77c5d7-pregnancy-weight-gain.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87306bc66a9508994f77972982dc78faf83cc960b04bbfef7d6186577cb60f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=moHn1A==, md5=CbVqdTC5Audv8PcHbnyb0Q==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8934
cf-polished: origSize=1994
x-guploader-uploadid: ADPycdseM5d_2rc4dJGHXobLKBjJqKKlO1MI6pcA-cVTr-HBDdwn8HjfNTu4WBawe0phlsK6EnNtqcBIPgRr9l3Ltsk
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 416217
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1989
x-goog-meta-height: 160
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:03:57 GMT
last-modified: Tue, 13 Apr 2021 22:07:33 GMT
server: cloudflare
etag: "09b56a7530b902e76ff0f7076e7c9bd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3OfzDZODZFf7FTB33z%2BEWdwKG9qyS1SeKYei2YvewOI%2BZHc5SRKpcQty2r5d%2FrO4ZwGFFdoRDGi8Pu5%2FEty1roIXAbAC3FJ3MxJbU8KnNxrJm7R5hB3QWUIlVF09xWWaZfAfVhiiRTIS1cYfZqY1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618351653369679
x-goog-meta-width: 160
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: c5aabd10d9289b3d760f774461161ff7
x-goog-stored-content-length: 1994
accept-ranges: bytes
cf-ray: 6b5b2ca80b550f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 a6416237-baby-poop-a-visual-guide.png
cdn.hellosehat.com/2021/04/ 2 KB
2 KB 51ms
50ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/04/a6416237-baby-poop-a-visual-guide.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f484bcaa99153f90c129c2206904b6bed43f28e7a45bf45ccb942f1f09631ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=0U8LXw==, md5=iFKA23bZ+ySsxURMf4joYA==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28639
cf-polished: status=not_needed
x-guploader-uploadid: ADPycdtCFH9UiIvmvdLUDf-0LsgK61nMd7dVcqz2ymM-srtWB-i3tx98wEapYXvfNMUB576Bi-Bsj_ggYG5zpZZqddkipUCKtw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 416223
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1555
x-goog-meta-height: 160
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 12:35:31 GMT
last-modified: Tue, 13 Apr 2021 22:06:19 GMT
server: cloudflare
etag: "885280db76d9fb24acc5444c7f88e860"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udWmg41WeC0KiHdUGCzYEdpOrs%2FyR6ubRvJ5yWl5FPCtNsvSR%2FcQmiUlLLEZL4FqmzKwF6f3%2Fi48ShBmpdah9g1p79hEJiFy2ABY%2F%2BGHLV0pq8irWQxTjWg7zihqtuJqfuz7%2FENd1BKUwVWSs4Lp6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1618351578925507
x-goog-meta-width: 160
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 8f1cdaf5135776a62214b9e65545e11d
x-goog-stored-content-length: 1555
accept-ranges: bytes
cf-ray: 6b5b2ca82ba40f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 trendingUp.svg
hellosehat.com/images/ 364 B
584 B 235ms
235ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/trendingUp.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4d21a447563fbf8e6c7fdec84bb7f180ec7295064706ea97d817fc397afff8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
etag: W/"16c-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh39ned339CStBDQMYfwxKJTnX5R40nc8cFx80ZMxK68GOIgWShN0TiFdBDf1N%2FEctdnRWNpSMe15qF89BI6BGLhg4oZs0gg7HuwZCZv1PVNivRIPU2tEojE6koDkFjzBBj%2BmFW7G4SdhOOr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f790f52-MXP

GET
H2 200 3ef832d4-shutterstock_466068065-650x434.jpg
cdn.hellosehat.com/wp-content/uploads/2021/10/ 41 KB
42 KB 76ms
73ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/3ef832d4-shutterstock_466068065-650x434.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f9f81fb8cf2c9f8aef75e8b93d3b2880d840af89422704ba8846a5b361eab12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=r6lXig==, md5=yFuGx/Be5Woof6Nl/wad2g==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 443
cf-polished: degrade=85, origSize=56880
x-guploader-uploadid: ADPycdvhGuJ_gnAEcOC9FKZEGyqOIwqLPSOsb9F8dMJA8mMCo-mqVqolhYmDR6_Ogdj_6s6aWHYVc_6lAbaASSKsr33_4sx7tg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Thu, 21 Oct 2021 03:35:13 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 42400
x-goog-meta-height: 434
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 452363
server: cloudflare
etag: "c85b86c7f05ee56a287fa365ff069dda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdRqeSKt8VDZQwFwRh%2BrCUc90KUot7Tbzyh1r8d2Zuz0MJ7ugkkXudNuiKzy9jIx5LuOyY14gt2YvmkrQwM3MHhlLAWulz53Z7iBTs48eYCcJEoHkW2BvrinyYTyioFDY0gUxr8xAeo9udxnf%2BWYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634787313060811
x-goog-meta-width: 650
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 56880
accept-ranges: bytes
cf-ray: 6b5b2ca6f86d0f52-MXP
x-goog-meta-size: spine-image-medium
cf-bgj: imgq:85,h2pri

GET
H2 200 Tania-Savitri-150x150.png
cdn.hellosehat.com/wp-content/uploads/2017/03/ 11 KB
12 KB 54ms
51ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2017/03/Tania-Savitri-150x150.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfbbf9a47ccc8dcc9cb0604bb121a8ac35bba7f70bf4eea575177bbaef5cdff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=AHpuFw==, md5=eKq8W77/nYaZLsUD7iKwZw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1502860824
age: 18654
cf-polished: origSize=12661
x-guploader-uploadid: ADPycdvLG6395VIaO3NiVSoSdUPbHe33kpdxhe0UyPx4fZWU-h4XMMxgriSadi9LjIRhCUW47K4px_p03fuiJz43DME
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 11470
last-modified: Fri, 26 Mar 2021 10:31:45 GMT
server: cloudflare
etag: "78aabc5bbeff9d86992ec503ee22b067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy0c1EWcEZyxCbiYah1mWEUz7khVaqjAlBmewfcAno%2BDkGlNwbRJlMhfgRSK5di4so5nCUp6MuuMMHUGR%2F3y2ctJMnnF0CclJz721tKco6bNNDla2kqrDxgDSYlSswKZr0j0HvrLj2RGCYD0mORZJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616754705161614
expires: Mon, 29 Nov 2021 06:21:57 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 12661
accept-ranges: bytes
cf-ray: 6b5b2ca6e8660f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 reviewer-medical.svg
hellosehat.com/images/ 502 B
603 B 46ms
45ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/reviewer-medical.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ddb25c60ecb22faf48b34ed1712d093239d3e6c6545fc58ff2a3270c5335610

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260725
etag: W/"1f6-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fMC4DyHWf2Ni%2BxkY3QWkfGKddwkEoxhAT7jLeIxdMwHwmF5FSwUyW6hLa%2BK0JTqZH%2BuDGLjA8jRXcRvQVVpoyLs0U63UVkmq1GzN4bkB%2BOQnl5dbX5wd9Gy3PWzBB9C3Uun9O7SAH9wG%2F2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f7c0f52-MXP

GET
H2 200 2294bbb4-manfaat-jeruk-untuk-ibu-hamil-650x434.jpg
cdn.hellosehat.com/wp-content/uploads/2021/07/ 28 KB
29 KB 369ms
366ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/07/2294bbb4-manfaat-jeruk-untuk-ibu-hamil-650x434.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56cb8b0ff51816351c50a2097f1a3e9080046cb87f7189a1a510772db7a9af5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvLeOZ4mxqnKQGJGMML4EtZTI40pZRkk-3nRer7nCknbz9dmvGwrERDor6WXVchxNONY_dsDtsw3p1N_dkeiwHnXRaytg
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8%2BcROf0bL33fxrEXL6EZBqtac39ZtXxpg07yGHMIPnJILq%2BSKRpFDqKMSzWHPoAGtZeifaALJd%2Fjeg1dFKlmuRIgeC%2FqUeRETFepbSanS3g1iTS0WUm37YUIjsvdl9%2BaflyfMB3PS01omobU89GoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
last-modified: Thu, 01 Jul 2021 01:09:09 GMT
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca6f86e0f52-MXP
content-length: 29027
x-goog-meta-height: 434
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 432827
server: cloudflare
etag: "ea5d37888e95300a74770e352706e031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=r5d6Mg==, md5=6l03iI6VMAp0dw41JwbgMQ==
x-goog-generation: 1625101749276762
x-goog-meta-width: 650
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 29027
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-size: spine-image-medium
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 80877253-dr-damar-upahita-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/07/ 4 KB
5 KB 61ms
59ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/07/80877253-dr-damar-upahita-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a323ea4d420f000759dc95278605a701d670dd29cb477da6d8a6d9a78e06ea66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=yjSlmw==, md5=dxj7yJqNrAcdoCyXj0BezA==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5795
cf-polished: degrade=85, origSize=4457
x-guploader-uploadid: ADPycdtznRs0Nu4_Bf8U-9oxFEcvMDDfV1uBOlptcQeLDtYpfcU8j7sCMSHY-0ujyq4xV1jSWnU_OioZANkyqy5o_oM
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Thu, 08 Jul 2021 10:42:31 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 4302
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:56:15 GMT
x-goog-meta-child-of: 435144
server: cloudflare
etag: "7718fbc89a8dac071da02c978f405ecc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PasaRKEJfhnIK76p764yQUo%2F%2FQ7fjZJdcJ8Tglqz2VrgW81dlKh8wXN65PTsMu7R7z0GNU%2Fl1f1LNcBIsjtdwOd49D%2BhNSzCgVOb1xQbkEiLVY8vX7gpNGFcxS7206%2BOztjVTQNHt61%2FATHXCzOxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625740951025732
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 4457
accept-ranges: bytes
cf-ray: 6b5b2ca6f8850f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 shutterstock_414204997-435x300.jpg
cdn.hellosehat.com/wp-content/uploads/2017/11/ 9 KB
9 KB 381ms
378ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2017/11/shutterstock_414204997-435x300.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0188f169f74bac198ce911d9c9f52a6162fb18e9e40dc4b2aa95767a135f8b8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=GgjQ9w==, md5=3VMxW4NvD3rU41o9H6K8hw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1511160142
x-guploader-uploadid: ADPycdtBeJXSkkXDrFSMQ59E3PLFXo8vxBELY2cogBsZwVoWWJMNn9Y44oB9E51HqJRXQvPVrGPPFOKz8H6AZWIUY9jXBAHB8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 8902
last-modified: Fri, 26 Mar 2021 10:44:10 GMT
server: cloudflare
etag: "dd53315b836f0f7ad4e35a3d1fa2bc87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0KbrGhZv%2BFQuudLqSMuh57e3FgIFP0JLyAxexXFJXM2TxxpanLWFZ%2FdVAQ6piKLQBXx2zG5hxfUBzPYVrpJiv4ZEyH0KG1a0eoDD%2B1cZUhgaKyE3WeSjMQDeFcadK2kIvMudRhdDZGc494ebO5wnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616755450418571
cache-control: public, max-age=31536000
x-goog-stored-content-length: 8902
accept-ranges: bytes
cf-ray: 6b5b2ca6e85e0f52-MXP
expires: Mon, 29 Nov 2021 11:32:51 GMT

GET
H2 200 c5d6db6e-dr-patricia-lukas-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/07/ 4 KB
5 KB 52ms
49ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/07/c5d6db6e-dr-patricia-lukas-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69708e48c09056dbe09a59ebbf992261dbb2fcef90053cb0fd2b0ec605cc03ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=/QNtng==, md5=g7u13QWupL7RWspDFDbwwA==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9397
cf-polished: degrade=85, origSize=4294
x-guploader-uploadid: ADPycdvHOghHUG7LmHB12DgbCkY5smCXH4oXtd07vXXQdothHg6EzypemvKIr_JTGPYXizetMZM-X6iGEbApvEWOtdGgJYZ3gQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Thu, 08 Jul 2021 06:55:31 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 4108
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 14:21:18 GMT
x-goog-meta-child-of: 434995
server: cloudflare
etag: "83bbb5dd05aea4bed15aca431436f0c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T4Y2k6F0cm7r9EIHenn%2BhghUOFcpa9RHWaajZL7QA1m0T69Gs1J6mbgWVc6Rahiz%2Fr%2BlsxsXIiQ0ckggTSJiCOnU9rL4zRLnUKJH8rcaaR%2FCrM5ldc0Kyvfktt2KKvYRiIpmwh3%2Baklp845yK3SyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625727330920720
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 4294
accept-ranges: bytes
cf-ray: 6b5b2ca6f87a0f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 0663ae79-makanan-buruk-sebelum-olahraga-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2016/10/ 5 KB
5 KB 63ms
60ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2016/10/0663ae79-makanan-buruk-sebelum-olahraga-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07ebb9c6636b3dd30e0cfea84755b76a10a0a43d57d4a7a15d63d22a98284d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=LXgHfg==, md5=QeX3Y9aQoeC/6rbntAaZ9A==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432
cf-polished: degrade=85, origSize=7249
x-guploader-uploadid: ADPycdstq4OX-nBz8s4zptDfdtfwj2Iesp1FAnxvFQsqNasAOVwg3TojfvKN8WT_JlzV16TatsTlt7KMWAqhr1FKAcKYIvrm4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Tue, 24 Aug 2021 10:22:04 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 4865
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:39 GMT
x-goog-meta-child-of: 442459
server: cloudflare
etag: "41e5f763d690a1e0bfeab6e7b40699f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUTaXD8HFgu7MPAvo3JJ9tScu7sX%2FBKKovzf1rypnH18eRO0TFQhiEMKWP5eFHv64YSmG8HdztwDzUWqOyZn58FVbVsdDA7DQKlg61p%2FX1aqgejSUEN0pjS8ot3otl4w239x7Vgc%2B%2FnbNQH31umqMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629800524066241
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 7249
accept-ranges: bytes
cf-ray: 6b5b2ca6e8630f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 manfaat-air-kelapa-mengatasi-keracunan-makanan-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2018/10/ 5 KB
5 KB 45ms
43ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2018/10/manfaat-air-kelapa-mengatasi-keracunan-makanan-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2af2aa60f45a1723a9088865687f20964145ca5f11b18a6c5253691bcd8dfdee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=XD4fpQ==, md5=QzsX7PaglK2kd69HmUaMlw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1537935179
age: 432
cf-polished: degrade=85, origSize=5676
x-guploader-uploadid: ADPycdtoA2lr4A3oGYnRVBBnohGaTnZ65fUu3TnWBi520ZPv0PH4C-UQNvCGNo-Y-VM_OrpeTf0VuBe0g3M4zBMSa1lBa12RlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 4835
last-modified: Fri, 26 Mar 2021 09:58:08 GMT
server: cloudflare
etag: "433b17ecf6a094ada477af4799468c97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29lw74y11cEErl7Moz2JxeQ0UTnOVDELjrBYm%2FCEEDjiJJEgMPVr80XVYHysQonmrRBr0RG%2Fgacum6C6gdE0dsL4AvNSMexeDLb87rVdIMA7DXSg23OjexYb%2Fdtm752qErwb0g9hGF%2BpkqR1nOhPVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616752688047951
expires: Mon, 29 Nov 2021 11:25:39 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5676
accept-ranges: bytes
cf-ray: 6b5b2ca6f8830f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 c34b27ed-shutterstock_1017422947-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/11/ 9 KB
10 KB 396ms
393ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/11/c34b27ed-shutterstock_1017422947-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4123fffdff9a9e26202127a87781c5cee9afa520a374d688493f346905d29dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvMGemFanqB6vTYXvcEtXZtqzW-zABw3plvDJ7SuZk6Khk1HWBIMYhAuIOy3naE4gh9gQ8bGf69eYs01cOQDdu3ELdAow
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFQadFX0jmWHbl3NiXRlckhvKgNJY8gfYjTQi6CxdzJiCsyy57Pk5zV4rYTppjFssOsGVC5p10%2BY4kdJNSFWKunDiJypFpj22yeQZE07KYgt7UnwaVbPnxKdppyH%2FY6TJBRA%2FdNRlquYBf%2FmCQmR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
last-modified: Mon, 22 Nov 2021 00:48:31 GMT
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca6f8800f52-MXP
content-length: 9675
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 457959
server: cloudflare
etag: "86272fb290c93e53c2a8ea98e7539470"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ynCTJQ==, md5=hicvspDJPlPCqOqY51OUcA==
x-goog-generation: 1637542111786243
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 9675
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-size: thumbnail
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 image1-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2020/04/ 2 KB
3 KB 62ms
59ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2020/04/image1-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b9ed04b027e1a7bd770bbdc284222c7598953667d8f058742305c411ab6469

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=d2UZpg==, md5=WCIPDxqvAgK6krjm0jEpjQ==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1586178569
age: 20348
cf-polished: origSize=2390
x-guploader-uploadid: ADPycdtDQ0teiJ0ho5UL2C5MGKz35VgIjBZ7ofRo_rIHWUqxieRYPrPQ8WFZuqCHLr7ijJL9AvZceWoBK7oZK-6sOe2GlB5bzg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 2352
last-modified: Fri, 26 Mar 2021 09:31:14 GMT
server: cloudflare
etag: "58220f0f1aaf0202ba92b8e6d231298d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KqqlFeIFchL9aQyFk4ZQuY%2BglHCFXT7QevFngzu2mMlCFotQ%2FdbNDv7TjB30HdxzJyXXsnEAruXsnEWRB4JzIp9gEOoaCGdeNQoNhR0ND%2FueVCdnAOymBitv%2BozGmKAckgabss5kblIQYeJyi8EeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616751074934863
expires: Mon, 29 Nov 2021 05:53:43 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2390
accept-ranges: bytes
cf-ray: 6b5b2ca6f8860f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 2512845d-penyebab-lama-hamil-setelah-menikah-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/11/ 8 KB
9 KB 423ms
421ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/11/2512845d-penyebab-lama-hamil-setelah-menikah-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53361a2d55736457bf03e5887dfbdd0c8fd8532ad82bf6f457ca2f3deb84ead4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycds5CxYZDfq54zFSkyR5T6yS_KyFT3NbMa7wwEr-uSY6TT47BPCgoo9xJxAJsbpapZInWMX68V3fneows6QV5d7Dl17ZSw
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8AQx7EIVA81fRMd2KbLwlqJrYC84%2B64AwI7RCXmEJT0f65%2BPdOUr%2BnWmbVLskyuDIS5dVN6JRL20uLfZTqMadZc9k%2FyL3z3Pz5spLac4q%2F%2FDiOB%2Fi0dxzDeXc8W5v2aDyDPKOisJq2TEBHuEaWVXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
last-modified: Tue, 09 Nov 2021 06:25:33 GMT
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca6f87e0f52-MXP
content-length: 8037
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 455975
server: cloudflare
etag: "8a705eff3b93b69977d540e62347a064"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=EMGfYg==, md5=inBe/zuTtpl31UDmI0egZA==
x-goog-generation: 1636439133660079
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 8037
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-size: thumbnail
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 chevronRightBlue.svg
hellosehat.com/images/ 220 B
477 B 39ms
39ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/chevronRightBlue.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c602c30c3d0f3e39f0614adc49f0608431ad2aeb8078a98c3999fdc4d262a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 260716
etag: W/"dc-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDmUAMdENAi8W89P%2F5dNDb7EUTqoepvvYUTj9Wo%2B6gzhMqmcm8UtOh1nfJx9lgAkfm1K5MWHfhkWgVFsoq%2FU4YU41hfXt%2FULubekAhjdgFm3JSymSOpqtdcFfWkqPWBLuD5ZR2kF4R8Fvm5u"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca69f7d0f52-MXP

GET
H2 200 9d64b29d-allergeries.png
cdn.hellosehat.com/2021/02/ 8 KB
9 KB 1004ms
1004ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/9d64b29d-allergeries.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175f9ec4b0bac6de87bc3772384dddecca3d4260b8800e30dc32372cb75f8afb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvqizObBHxsdYwTisYkS3BloY6G8YBH2ruTYz3hDHBsPmUugmglLb_Eo-l-30PkPZiXxUZnxbwznqma9GAcchZDNtVppQ
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSSc0Swz3ZPRduNVHOK7DnN3lJKA8z3pnRNWVOGBlhqs9PMWx2w5F4s2uXYen7Q4H4ZcOhoIRTS2kNloV4AshCLb2nP8KNBH%2B0LQ1h6rlmYaT04UDVo1B8pUT9wAu2cyulztT19SorFwnQRhvSfCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-meta-object-id: 401018
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca85c430f52-MXP
content-length: 8370
x-goog-meta-height: 400
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 22 Feb 2021 05:25:48 GMT
server: cloudflare
etag: "2dc9a8b12589e222df121701cbf7fbb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ocVcCA==, md5=LcmosSWJ4iLfEhcBy/f7tQ==
x-goog-generation: 1613971547919871
x-goog-meta-width: 400
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 03a6069ab8097866e3a2ccdbf4442ae8
x-goog-stored-content-length: 8370
accept-ranges: bytes
content-type: image/png
x-goog-meta-size: __full
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 56fd2fb3-heart-health.png
cdn.hellosehat.com/2021/02/ 7 KB
8 KB 935ms
935ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/56fd2fb3-heart-health.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 195929c285c47fdcabb76bf8f0ff1ca459675b500e8ce2a2a0146f8cf2edbb0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtECJlanVUTKMmor2nW1CZqI_XxVmvdrPnvexxoQu4A04RDuTRLT1S9R-K9RYtCQW7VHH0juM_hggjprMiCKPwsheTnJg
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFRUTNNzllw8QbD3C4LnZigSx5ha9hOc%2BW44qQoEVxNb1fAxRrFof779O4DczQmSJCTVghz08kSdQNYpZaBDYl%2BPpeP7xIUcCa0WWEAuXsVkC4%2FlUZVXDvu98ckWerYvLKwKttX3ybf3RFPYIfveyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-meta-object-id: 400989
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca86c700f52-MXP
content-length: 7495
x-goog-meta-height: 400
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 22 Feb 2021 05:06:43 GMT
server: cloudflare
etag: "10e29a6691ec7d228b53a1b4dbf12a41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/89VPQ==, md5=EOKaZpHsfSKLU6G02/EqQQ==
x-goog-generation: 1613970403454234
x-goog-meta-width: 400
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 3facdf0acb2dd18a34bf954b9ed94fbf
x-goog-stored-content-length: 7495
accept-ranges: bytes
content-type: image/png
x-goog-meta-size: __full
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 d3f93184-respiratory-health.png
cdn.hellosehat.com/2021/02/ 7 KB
8 KB 908ms
908ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/d3f93184-respiratory-health.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d580f72f847e60a90013190aacc108148bcd82d8115565fa80a5162d7f716bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsT3NDX_mHeFQaUfg9kmEIc519DxwIkqt9jPNglkyNFuJyOq09aTBMpNuiLHXHUBy46mRLN1ntkqYYcSBHMIoh-ihfZRQ
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rkj2z82rBgi74edOBI%2B1yLF3t8zUTChH1Q2yY1eaMWin4eDkukRLq4yzushBEfsqBTsSaOcL%2BS%2FVqWDbB9tw8nKamLVj%2BwXu5Yezovj6PKoeyZ0P%2FLWvazGo1Wu4P0SvaxvfptlVaAxCToHB6hgDiw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-meta-object-id: 400993
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca94e570f52-MXP
content-length: 7148
x-goog-meta-height: 400
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 22 Feb 2021 05:11:17 GMT
server: cloudflare
etag: "66cbde389aea503731d1272be47c1d30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=uheAPg==, md5=ZsveOJrqUDcx0Scr5HwdMA==
x-goog-generation: 1613970676955347
x-goog-meta-width: 400
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 9b21928fdc434ac4b1426fa4224b105a
x-goog-stored-content-length: 7148
accept-ranges: bytes
content-type: image/png
x-goog-meta-size: __full
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 2e4904e9-cancer.png
cdn.hellosehat.com/2021/02/ 11 KB
12 KB 982ms
981ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/2e4904e9-cancer.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f248d2fcc7ea94c9e58b1a4576dd2a68e1a6394066645e7fb2824c54525b200f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduOkC3-mKOR1uhDelZc1TU4xxzGu2lFB_t-V3kjh7Y_JEV8TeKfXdWdrH3ChcFNnS65hCVFcjQj3jwvYXUwM99LmDIgDw
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFir7JlGYv7%2FqmL9ypHBDpZXnc2WmksAFJQieXpSIhOnw8cFG1yuqNYhfx%2FVPpSBOxNvA980QuP5F9DfPg7z2%2FR9Z9CJWUFaNqiy07Yg9L8Eq%2B0jYre1qWerGqlODfnOihSgYEqzXYQPhTFatIpr%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-meta-object-id: 400998
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca94e840f52-MXP
content-length: 11230
x-goog-meta-height: 400
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 22 Feb 2021 05:15:23 GMT
server: cloudflare
etag: "b2475c29dc0fc63c748091f2744934a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=3HhJyA==, md5=skdcKdwPxjx0gJHydEk0qQ==
x-goog-generation: 1613970923784160
x-goog-meta-width: 400
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 36773cc99dd1d5384be7d7b68499840a
x-goog-stored-content-length: 11230
accept-ranges: bytes
content-type: image/png
x-goog-meta-size: __full
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 adaf65f6-urological-health.png
cdn.hellosehat.com/2021/02/ 6 KB
7 KB 974ms
973ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/adaf65f6-urological-health.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234936430f437c85cb51acd4fd9de42ec07f69c28d7534ef5b3a9b8694c6385e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdunrkjlAIp7Hm_xgCsKHE_PMmCyoMB-2it9AtYkWWALkclEDdw-GMGi3AFwdbtrYj-xVryfUfNxJ9VJqD8487pR0bTbig
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxZKVL0fgMjrz3BznRDPG3l73J54GPTImbppF8sTkbITMg4B8quXqZ0yPxT1CzrIGYPyl1%2BYLzp9id0wNarxy60FmwiITiKCe31QcSV41LXevjIM60oa60zAhCoM9KKegWdYdLd2hgd1LSQw4nhXAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-meta-object-id: 401029
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca96ea10f52-MXP
content-length: 6390
x-goog-meta-height: 400
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 22 Feb 2021 05:46:42 GMT
server: cloudflare
etag: "4ca6e9785daed7460161461daf31bd71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=d59fYQ==, md5=TKbpeF2u10YBYUYdrzG9cQ==
x-goog-generation: 1613972802578802
x-goog-meta-width: 400
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 1b4ce1e43b6311808f2d169b1ede338b
x-goog-stored-content-length: 6390
accept-ranges: bytes
content-type: image/png
x-goog-meta-size: __full
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 43faeb9c-diabetes.png
cdn.hellosehat.com/2021/02/ 7 KB
7 KB 758ms
758ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/43faeb9c-diabetes.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26badbcc2570b13481eb687d0c37e119ff2fe6a49cb03b7f10037137c9294079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsyupQ2KRFDJ2w1RDdbdb4qmutjTMkYd0JcfGdpsHmsIsZSIZYzFolbJbl1azAO8wLH5tqjQXQCkfglF07M68CAQLkqgA
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EENizriOsDFgKD3r3AfDkNtVG364RPPKFfdIugnD6JGsVXYW%2F8LAo%2FJX5VsJqpL2DK%2Bx9LwINhVMxSnqNaFCncGO6rHnMLlqcNyU21n4oltBLf%2BnsVvizCjhepmCrX38NaU%2FnE4w85cBGsCipiNsfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
x-goog-meta-object-id: 401052
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca99ef80f52-MXP
content-length: 6744
x-goog-meta-height: 400
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
last-modified: Mon, 22 Feb 2021 05:57:30 GMT
server: cloudflare
etag: "5811814ab6046a8ccf7230a317fe2d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=asylIQ==, md5=WBGBSrYEaozPcjCjF/4tXQ==
x-goog-generation: 1613973450260391
x-goog-meta-width: 400
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 1757a1c536f548d79426b4beee04b0ac
x-goog-stored-content-length: 6744
accept-ranges: bytes
content-type: image/png
x-goog-meta-size: __full
expires: Mon, 29 Nov 2021 20:32:51 GMT

GET
H2 200 6bd9c811-dr.andreas-wilson-setiawan-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/07/ 3 KB
4 KB 50ms
49ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/07/6bd9c811-dr.andreas-wilson-setiawan-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfb7219560f3526872ce3da2ef95481b0076721f13615b473917bfa4966b497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=xSR8mw==, md5=v/a4+acMTSEGnYNDTMS6Sw==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25393
cf-polished: degrade=85, origSize=3325
x-guploader-uploadid: ADPycds-L4T-YegeFMTJke7gWfoQYoG4CpHzB2xN_ePRAWHvQX97fP3ZRcNhfReHAYY8lXZZ1_GBAwNySCfcXzDoPrp7rHZHTw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Thu, 08 Jul 2021 06:49:14 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 3238
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 13:29:39 GMT
x-goog-meta-child-of: 434989
server: cloudflare
etag: "bff6b8f9a70c4d21069d83434cc4ba4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2PmrUWnNiGn6k0yr12YyX4WXK%2FG%2FJD1X7OcQb8ZLj0OmMR1PdxTq4ICALSk8LLsv1Cox0BLJGIRnJVYaKQ%2FGb%2F3Ds2BIyWI0kWGSOCbqeGvUo%2F%2B4GbeDpwxevsYEFx%2BFuB07fp72ti1uf6e%2BzMxJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625726954131591
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 3325
accept-ranges: bytes
cf-ray: 6b5b2cae4b6d0f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 toolsIconBmi.svg
hellosehat.com/images/ 12 KB
5 KB 49ms
48ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/toolsIconBmi.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fc87cc4a96100455e7995a1cc7b707d537ea4847d9f354883bb755b79f70aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 208444
etag: W/"3091-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEn5kHJUKr53T8BCTOioFuqzl0umAzAeV5vUESkBPRuh74YVQYRU8lll7J%2FIjLSnnfYKByzqwgtEMLxgVqUyXh%2FLd2NUDma5H2Ad9yQRjxV3HwSRFfiRK8RsJzeoDigVMGroZ98rBPVlCTTS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca6bfce0f52-MXP

GET
H2 200 maleIcon.svg
hellosehat.com/images/ 4 KB
2 KB 67ms
67ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/maleIcon.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2fd2fac13b6c4348d9e73a032dfd0b2b1131c9b927f5cd74402a1084684133

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 208443
etag: W/"109a-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOf29daNIRygOmFFajPFu7vA7%2FAkAVMIc8z%2B6jQ%2F4SONv1%2F4SriqZjUSjLmQSil5BxHNku4N42BriewcAQ2CWAkE6fUaqTZq1gF1J42es3Wqedqj7z1ZLgV1fEsRDZD8bfLk4eZIV35ebww8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca6bfcf0f52-MXP

GET
H2 200 cc75224b-small-banner-1-488x650.jpg
cdn.hellosehat.com/wp-content/uploads/2021/11/ 35 KB
36 KB 49ms
46ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/11/cc75224b-small-banner-1-488x650.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb25862428574b1f6c81b69a00cdc0c46a584a2a83f1e9500bad9701ff570372

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=mBekkw==, md5=y/6Ew7MbUEm4aNA6PZAnhw==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17727
cf-polished: degrade=85, origSize=49490
x-guploader-uploadid: ADPycdviGlU9Iz3ad9A5CM8r6s2L7flRM1FSfWx7IRTaTQPTVdJfnbqxkIJlmO2tnve7QPHrA7PDb-YMXb9_69EVmO1baJo6Zg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Fri, 26 Nov 2021 02:27:39 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 35934
x-goog-meta-height: 650
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 15:37:23 GMT
x-goog-meta-child-of: 459108
server: cloudflare
etag: "cbfe84c3b31b5049b868d03a3d902787"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJJjcLZFmcRdGAFlOQXqdutsHsVPhSbMnzTvbU2iDQ1dlgqDteMQvSc3YOfLzjv1QIBzuDFNj%2FR1KRRARkbyoTv1d%2BerqRZDww8p6xtyFgmQbNbSkEujAMMY9O1OiUrCBSs6a9NGa1sqCvV30%2BPsig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637893659608683
x-goog-meta-width: 488
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 49490
accept-ranges: bytes
cf-ray: 6b5b2ca6e8610f52-MXP
x-goog-meta-size: spine-image-medium
cf-bgj: imgq:85,h2pri

GET
H2 200 ce3ee5e8-gagap-_343-x-375-469x650.jpg
cdn.hellosehat.com/wp-content/uploads/2021/10/ 33 KB
34 KB 85ms
82ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/ce3ee5e8-gagap-_343-x-375-469x650.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a8c8b71c727620ddf45dab25613dd77a27b466b81f91fc9973b757688db843

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=dBe5fA==, md5=mZV/d5RyuX57SkliFw0LCQ==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17728
cf-polished: degrade=85, origSize=69394
x-guploader-uploadid: ADPycdtde-4Az29zGYmWvnI3UPw03-_HpzPoykxFCpf3s7ZCAKX8Cl4GZQJaqASChAaZ5YHcTwGA4SHF8OK7Vv59HWE
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Fri, 29 Oct 2021 09:50:03 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 34149
x-goog-meta-height: 650
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 15:37:23 GMT
x-goog-meta-child-of: 454391
server: cloudflare
etag: "99957f779472b97e7b4a4962170d0b09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxyrTW%2FTtPM8MJoq9MrHTBMQkv2kKeqTXh1IYJ2ZLK49kGZ2TQmGjl1uveAEy17knM0icbYmHnCM%2FZURy2O%2B%2BKDJkFmSzmwqB4D9KJjmbCqAjgoNAiN%2FOxpYLrC3BxVrotYhlGRVoYhGBOdZTJOVgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635501002957336
x-goog-meta-width: 469
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 69394
accept-ranges: bytes
cf-ray: 6b5b2ca6e8600f52-MXP
x-goog-meta-size: spine-image-medium
cf-bgj: imgq:85,h2pri

GET
H2 200 48cb3148-kanker-payu-dara-_343-x-375-469x650.jpg
cdn.hellosehat.com/wp-content/uploads/2021/10/ 31 KB
32 KB 53ms
50ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/48cb3148-kanker-payu-dara-_343-x-375-469x650.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48da5c4236c217961471989e60e050251d70dd293731d5884f54c020f5ddcb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=3xPSSg==, md5=vsUOs8X9qK23/xYdkAts1g==
date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17727
cf-polished: degrade=85, origSize=67349
x-guploader-uploadid: ADPycduVnRylY_H-5PCXjqntTgceN3dum7ziaMGw1HSYwL1QuatSFudJzUL722rI-ORpnjIIaFXtw06d6hwjCLcEwez4o1plEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Thu, 21 Oct 2021 02:58:59 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 32093
x-goog-meta-height: 650
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 15:37:23 GMT
x-goog-meta-child-of: 452347
server: cloudflare
etag: "bec50eb3c5fda8adb7ff161d900b6cd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqqikX76RZRCZUAGgSQVlucI7RTTPVrh67AnDrG6l75zrr1J7XkPeR6vBvxQbaXu19j3e3OohEZ2RcRT5DS7d%2FVXrUSpO%2BBPT7tC8S4g2%2Fl%2BbP7Wd%2BbIXJqo01oWE8PnBDbvxB%2FbqoJZgG4KPgbDQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634785139533163
x-goog-meta-width: 469
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 67349
accept-ranges: bytes
cf-ray: 6b5b2ca6f8700f52-MXP
x-goog-meta-size: spine-image-medium
cf-bgj: imgq:85,h2pri

GET
H2 200 efe7a287-kekerasan-verbal--469x650.jpg
cdn.hellosehat.com/wp-content/uploads/2021/10/ 63 KB
63 KB 59ms
56ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/efe7a287-kekerasan-verbal--469x650.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6b2d4bc3cea5835ff36f284c438e37f5dbad2786afd8cec3200063124fcb6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17726
x-guploader-uploadid: ADPycdtKxZYp9YrmvtVZ0qqRbVKKr_uB-TcRSVSv2kwLwXghT3a7GvCseKH3ednGqgwIbiA3eKm4b0kRioPUKF77nv-TIJSKbw
x-goog-storage-class: STANDARD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxuITkXzjrttoMAFmBeWweLq7n5CKZsgN%2FpB5qg%2Bu%2B%2FmFnLC7QdhHHpwMYZ0gnd6pREIH3aqoZ8%2BghBI9pQa7JV3iZUdVt2Zkt4PqAdOCurkR%2BWHBoA6f1rzTYrk1jRRSnCOiIBtK69Op5mD6EOHYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 2
last-modified: Sun, 17 Oct 2021 12:20:57 GMT
x-goog-stored-content-encoding: identity
cf-ray: 6b5b2ca6f8720f52-MXP
content-length: 64132
x-goog-meta-height: 650
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
x-goog-meta-child-of: 451639
server: cloudflare
etag: "9c6a3b0628bf1bdb08a7f4b213de4b48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=tMVKUg==, md5=nGo7Bii/G9sIp/SyE95LSA==
x-goog-generation: 1634473257793473
x-goog-meta-width: 469
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 64132
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-size: spine-image-medium
expires: Mon, 29 Nov 2021 15:37:24 GMT

GET
H2 200 toolBannerBlue-circle.svg
hellosehat.com/images/ 2 KB
1 KB 53ms
53ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/toolBannerBlue-circle.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b438000f5239d2ec139fe079ef7d0de1d1ce30b2c55585414a19830fce2bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 208444
etag: W/"8d3-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ3cH9dvEVr9E96ztJ4lfTAVEuNzMb69%2FlxlsC4cUrz2ulXNo9ns25Tap8NGJ7HErZPMg6HvS5LZb9xCDGp%2FBQGWPxMK2yInQJgPMfNTJeULEOuj9QJ1cHg777GZTHfjUXUK6L3GTn0O%2BgWt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca708950f52-MXP

GET
H2 200 femaleIcon.svg
hellosehat.com/images/ 6 KB
3 KB 44ms
42ms Image
image/svg+xml 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellosehat.com/images/femaleIcon.svg

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4c58655ccce3642c87e8591956ef9de8f3000686f58cb69ba166c1146e32e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:23:27 GMT
server: cloudflare
age: 208443
etag: W/"179c-17d5ae9bb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuJbElAHpHfADl2oPMfv%2FXTFv7BrfY0GwwAelDp33V9nQS7GqPP%2BD9ys1cqzd5QdgCIz%2F0VFJSKBXb%2FcLqlqkwIeizFD1tgXsIyNWHp%2FFGLcCY0D2uIjt5llc0T%2FcgwrF1SbUteWHo5IbPdt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca81b770f52-MXP

GET
H2 200 96f90d5c-drg-nadiya-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/09/ 4 KB
4 KB 73ms
72ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/09/96f90d5c-drg-nadiya-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f9bbbfbd2aca097b350c02fdda05e72ccab0c9b56a29576a0688f121ef09bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=Ikd+iw==, md5=tzaTQakj1yYM3Y3ovk5GvQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444
cf-polished: degrade=85, origSize=4055
x-guploader-uploadid: ADPycduOmsfZklU4PjHwRPiqDjXyvReeGX6-RNKo5bHuIfMwzJXOhbI4tz3Sj9T2kp1PThQjYALSqrlBbwErrB4sdOCxg6TJNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Wed, 29 Sep 2021 01:32:26 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 3928
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 447707
server: cloudflare
etag: "b7369341a923d7260cdd8de8be4e46bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwR7FbS5T6wH2DtLL%2FujVB4ESwgbaMkjwOF9fuD1y2qaAToqoDKA41FLwAqylNPT7ol%2Fj6cgLKuvd8nx3KVA8reUxh%2FAHGoeh9OsHaKz0IY3Tys5oXqFjhKlfGz892hlTgvOYpqWQsKlsd9boloe5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632879146080498
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 4055
accept-ranges: bytes
cf-ray: 6b5b2cae5b850f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 b455cd6b-dr-bob-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/09/ 5 KB
6 KB 50ms
50ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/09/b455cd6b-dr-bob-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0955965a084fd4ef9987320e207cf1b5af2d4456d99149accf25aafb42c049d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=9ed4uw==, md5=0OyOPGGv2+tkd9WFqMIj+w==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444
cf-polished: degrade=85, origSize=5225
x-guploader-uploadid: ADPycdsQHjiuHPQLcURSHI3-DMnjhlruPCyGuQbgXzBzF96JsC3A7upIP1fACBd98RSqfX1c5Hkvg2YqPuuQvnCBScefG3YYbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Mon, 06 Sep 2021 06:49:46 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 5057
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 443881
server: cloudflare
etag: "d0ec8e3c61afdbeb6477d585a8c223fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kdCKH7NemgbjXj13HxHwCAKdV%2Bq4nfHSnV44T0Lvg43hW%2Fo%2FajUZqOX9EXAETVFNybZYIeLAtjsClLoQuhm0a2lsMZpHbaT6eKz6ssVquEo3qIi3m3ZdaF8zpHbX7SpDR4OKu19YTvSPKrZu0fD3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630910986193805
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 5225
accept-ranges: bytes
cf-ray: 6b5b2cae9c270f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 df199eac-foto-profil-apt.-seruni-puspa-150x150.jpeg
cdn.hellosehat.com/wp-content/uploads/2021/09/ 6 KB
6 KB 45ms
45ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/09/df199eac-foto-profil-apt.-seruni-puspa-150x150.jpeg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02fbfeea44d9f030db4a0ccea2ed1bab27a11d04f495874bd10be9c83d919113

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=9UY6vw==, md5=jt3UHQEdIR82fwgtfITiHw==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444
cf-polished: degrade=85, origSize=13999
x-guploader-uploadid: ADPycdu0FA60BJEhyKRezJr2a7oCB6CwaZp0GjXyRAPV1Yf6ZNN6gA6IiEOAAyez9VqBhn0FRuw0Ge1Pi6R7fqzqW0rPWPSZ-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Fri, 17 Sep 2021 05:15:35 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 5791
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 445816
server: cloudflare
etag: "8eddd41d011d211f367f082d7c84e21f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCl3TVpl8OaCdrKguclhewZYqA4Q9pCzgC5DQwiBmtVdauF8yo5qv8InZcHTqWXSEOvOO6fm5WXZiHL9trc1XhlEsqlo8IOoAYknteuHZZ%2FkbHDagFy5J8%2B2McjviWe0rPDw6fCnp3yB%2BxxnF5RFSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1631855735810383
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 13999
accept-ranges: bytes
cf-ray: 6b5b2cae9c390f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 dr.-Kristina1-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2019/01/ 3 KB
4 KB 63ms
62ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2019/01/dr.-Kristina1-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b08ca073e776f8d59740788e00d84d178e06eacda305153540ec6beac726fc66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=I4VW1A==, md5=yCOdhtHs2shol5H2RWeqlA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1548821887
age: 17727
cf-polished: degrade=85, origSize=3860
x-guploader-uploadid: ADPycduwXdJdm4C7890DaB5PYb6eM4S66QhvNL6Ry0144RlfIh1590weChXyYQpt0mj3sCC5QlZihtkYVoefxlQApNrPQriLWQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 3335
last-modified: Fri, 26 Mar 2021 09:04:01 GMT
server: cloudflare
etag: "c8239d86d1ecdac8689791f64567aa94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTP0tgkwEXEBHqq8zKQC8o0h2%2Ffj%2FnVxC1BG48MtbHUyYCZe7hpn4BbZn3GASVys1xgIwG2%2BnsT8VyXL78NDs1ChbeCAPN0WpfYJsNXWxynHxIwu4SW5BLqfnaaSVwZbT%2BsAsVZMWLZlfMCYioxdBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616749441233159
expires: Mon, 29 Nov 2021 06:37:25 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3860
accept-ranges: bytes
cf-ray: 6b5b2caecc9d0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 64d2215d-dr-lusiana-150x150.jpeg
cdn.hellosehat.com/2021/02/ 4 KB
4 KB 68ms
67ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/2021/02/64d2215d-dr-lusiana-150x150.jpeg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecde615f07a602ce6b525c3ff1fbc69a7d00024d424b0f27c0f18aeae0959297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=BrCCsQ==, md5=YpMnliqgyP887zp5wbty9Q==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17727
cf-polished: degrade=85, origSize=4004
x-guploader-uploadid: ADPycds_U8_HCS7nEbr09HjJLN0cbNeofgGNIZ5exbGBbgzFccMg6Z1vOlKzJ1gcBZc2UbnA3XMx39CXWVind3E1AW30GD-zPg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Thu, 11 Feb 2021 02:04:12 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 3936
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 15:37:25 GMT
x-goog-meta-child-of: 399092
server: cloudflare
etag: "629327962aa0c8ff3cef3a79c1bb72f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I%2FCSJR7Jq2u68ZslHv7AbC3qxvI1Ah7U23z4kK44ssq3Hom0y5XDiRQm2RXlhw%2BCVXONjGm0DBobxKAvEGiHNks3STdLZussM7HiZM8JzpIW54Ki2ln0FAXobX%2BF%2BHU4iMqRn3xZOZ3k3KkGWk8VA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1613009052555347
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 4004
accept-ranges: bytes
cf-ray: 6b5b2caeed010f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 1054771e-andreas-150x150.jpg
cdn.hellosehat.com/wp-content/uploads/2021/09/ 4 KB
5 KB 42ms
41ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/09/1054771e-andreas-150x150.jpg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594f97850153846b8103d82932f24ab98691a4361c65ca10b26f433fbde9fc0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=6x2/TA==, md5=sd3V8jSUAV5u6S4/6/omkA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445
cf-polished: degrade=85, origSize=4927
x-guploader-uploadid: ADPycdtbJ-kLW2siLXx329mQln5JdGT8M_Hr6o_VxMuqo-223EWkhbtMaCx6bDS9YRp4D9dG3W98Xk56K-mkGW-uGGKQs1aIHQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Wed, 08 Sep 2021 09:02:53 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 4590
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 444391
server: cloudflare
etag: "b1ddd5f23494015e6ee92e3febfa2690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0l7w52W4h5HDwEmRGSaCjDER%2BVDU2KQJLE8luuHirE%2BelBxiYWizYraFlPChmeBhEpkd%2FE%2Fdrel4sbgQyKN4u8cbNzRkyyakX2wONKPdbcTIv39fWkxcZehZEKsUT2BQYbplXDbncDElp4yhkIN5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1631091773576923
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 4927
accept-ranges: bytes
cf-ray: 6b5b2caeed030f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 ba2f2b34-whatsapp-image-2021-10-22-at-11.04.32-am-150x150.jpeg
cdn.hellosehat.com/wp-content/uploads/2021/10/ 3 KB
3 KB 43ms
42ms Image
image/jpeg 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/10/ba2f2b34-whatsapp-image-2021-10-22-at-11.04.32-am-150x150.jpeg
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78387df2ae341fc5ce7674e93bbe99c7cd70d8e9cf034e723621096c97fee860

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=zC/nAg==, md5=7YZEsHlKRTYpLDWxsm66Dg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444
cf-polished: degrade=85, origSize=3031
x-guploader-uploadid: ADPycds4ManRdOJ4kZMazlWEUNgB74Xk4NfQAw438N0FJlQ9sVafI9wq10sRbvjlgvada4FeWQGC9E--UWft_gmZrpVX7luePQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Fri, 22 Oct 2021 06:30:14 GMT
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 2873
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 452835
server: cloudflare
etag: "ed8644b0794a4536292c35b1b26eba0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ms8XEorjyQEBbc42pUc%2BBmYV47X0MXDtF%2FOhRY9etZfq54frwbTZbwq8fhs6kOlaocS5tCc3h5cCeCn1QIFyqyRO4hzZjuaYwN1Wmzq1U6CweKUEIus0GJpuWcmoKCYw%2BrHS1TPkpNelN4uV7wqTww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634884214312620
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 3031
accept-ranges: bytes
cf-ray: 6b5b2caeed050f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 2d47e41b-screen-shot-2021-09-14-at-9.16.26-am-150x150.png
cdn.hellosehat.com/wp-content/uploads/2021/09/ 27 KB
28 KB 56ms
50ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/09/2d47e41b-screen-shot-2021-09-14-at-9.16.26-am-150x150.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75ff760beb35512790089d33edb9e817238246c13c9253e2ada5a7825ad3ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=dWPy8A==, md5=tBFMyN2v1JuCPTZjo5LtkQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444
cf-polished: origSize=28107
x-guploader-uploadid: ADPycdu4rVcnO4PGLd9MmoBvWMrx28c6OupNtVpFJg7FojiGG-Dlgxmch8hh--0UAzohYAJkbiLZGxoU8RtzQcI665dJVOLrKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Tue, 14 Sep 2021 02:41:23 GMT
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 27836
x-goog-meta-height: 150
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 20:25:27 GMT
x-goog-meta-child-of: 445094
server: cloudflare
etag: "b4114cc8ddafd49b823d3663a392ed91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnrZBm6b54CYxudf4lKT3PR3tMDksyysnrDWoTjskDjKmg5Fo27Ob5gBFGBjqBEgVYRIik7r3Q2iM%2BRy3I5Sruv3IucoNEX6fhLbr1Y%2FmqBrd%2FoyRv5XkEjPObecAy8lHSi%2BDesdwWpfZVKFzgHPdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1631587282994736
x-goog-meta-width: 150
cache-control: public, max-age=31536000, must-revalidate
x-goog-stored-content-length: 28107
accept-ranges: bytes
cf-ray: 6b5b2caf3dd90f52-MXP
x-goog-meta-size: thumbnail
cf-bgj: imgq:85,h2pri

GET
H2 200 e3b921b9-logo-2.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 6 KB
6 KB 54ms
52ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/e3b921b9-logo-2.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74edf718d73f502e60ac6438d410a47c424bc7e6e302abd66bc218db338013db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=8NlvCg==, md5=MTy/FaxZVVNPBGaifyiUWQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25268
cf-polished: origSize=8525
x-guploader-uploadid: ADPycdvzhrpyCixAi_yV_zCKRumQTm8udZeUg7pggFyOzfLgNePvPhow23_LvFx16GRrI7iOBJT6D8g08P3O9HAIwTM
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 442370
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 5994
x-goog-meta-height: 48
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 13:31:44 GMT
last-modified: Tue, 24 Aug 2021 04:53:05 GMT
server: cloudflare
etag: "313cbf15ac5955534f0466a27f289459"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4GlzZedoSrA4dhXLG3ZdgwHlGTO0LZ6JnUYMf6Dqo3f80O141UD78sVVEdzw%2FzyV%2Bqk2t4A15xAGiJJk0gufYldGidizIqSVp8alcidWcKMja%2FlDWGvkAHTxy0i9rKd0lShMjRyVl%2FXKidmgF9M%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629780785629069
x-goog-meta-width: 374
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: df80a316d91c2096e2734df8c09712a1
x-goog-stored-content-length: 8525
accept-ranges: bytes
cf-ray: 6b5b2caf3ddc0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 f1e1a6e9-facebook.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 496 B
1 KB 51ms
50ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/f1e1a6e9-facebook.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fa960349375f4943bb74165439a2d534a0eead7e15acfec8143f9d3663d0a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=G5QIoQ==, md5=7fOL/HIiPZrEkDXFjT6Nlg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14696
cf-polished: origSize=773
x-guploader-uploadid: ADPycds4dk0NQ8Wv70Yh3ZcNDyqSLCe6ehx-vxG_84V6JTbO8ylGXMx1GWihW-sUrPBjggHKmnAzrAwBL3L0-3BLw7c
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441767
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 496
x-goog-meta-height: 64
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 16:27:56 GMT
last-modified: Wed, 18 Aug 2021 09:16:21 GMT
server: cloudflare
etag: "edf38bfc72223d9ac49035c58d3e8d96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTCQ%2BeXgudCdv%2BnamxsX9NdB6ZWZtqNWyGfCMpqntSzpZq0%2FQzZbeAikExVTIyrN67qK%2B3Xr%2BQtOCIcjDfAZk1%2Bl33906k1U2wErx5ZMp6V8k8v6K09s3FOgLj9EMxbwWxnweZvxutK9j9K5kTWDww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278181216216
x-goog-meta-width: 64
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 79bd6af4c815f4314cf6d895a3b23fca
x-goog-stored-content-length: 773
accept-ranges: bytes
cf-ray: 6b5b2caf3de30f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 5623dbaa-instagram.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 6 KB
7 KB 43ms
43ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/5623dbaa-instagram.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fd121893be089bb23e1793ed15beae6d8e2deff7f2837ef61728688ba8e785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=cs3/hw==, md5=KVrFZ/+Xmz9jt+joHAppqA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10367
cf-polished: origSize=6444
x-guploader-uploadid: ADPycdtVknXYzgCpuJCcDH60QzytaXACU8elSuqnb5Ue-tCjWuslFW_RwK7MrFNkSCa5Iz7WfxdwbGhvbdiklSe9Odo
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441768
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 6250
x-goog-meta-height: 64
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 16:27:36 GMT
last-modified: Wed, 18 Aug 2021 09:16:31 GMT
server: cloudflare
etag: "295ac567ff979b3f63b7e8e81c0a69a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXXAiZaSBaiYNIIKWW%2Fl4RzHYX8K%2FoH%2B2b6nS0AzS2gMaID3s%2FL%2BomipEoVfb9pV4NY9I8%2FRyoIF18OY0GLq1NC0AfpxO69BH9MDxnfRN8Q2LNlbA8uGTiaTds2ewAgnZ2471b4yDt%2FrEANKkHSTKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278191780205
x-goog-meta-width: 64
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 96fe2e25e09ffceb996ede01e3d95949
x-goog-stored-content-length: 6444
accept-ranges: bytes
cf-ray: 6b5b2caf5e2f0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 47e0a5e3-linkedin.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 536 B
1 KB 42ms
41ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/47e0a5e3-linkedin.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a59ab4648b8353801f24fe904d10594c5e3fc2a678745047f337fd77e1c0c96f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=hCJC2Q==, md5=jg+mGV518gkPFJ3cSF/N3A==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
age: 14696
cf-polished: origSize=893
x-guploader-uploadid: ADPycdvu82NccFPy2RPqMJhmdQtxRJpGhAHgJ6LF9PanpUb-lJ6WaB1CFOB_I8HnOUe9vIR7IgocDRctRoImP5vzPJU
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441769
x-goog-stored-content-encoding: identity
content-length: 536
x-goog-meta-height: 64
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 16:27:56 GMT
last-modified: Wed, 18 Aug 2021 09:16:42 GMT
server: cloudflare
etag: "8e0fa6195e75f2090f149ddc485fcddc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/png
x-goog-generation: 1629278201892998
x-goog-meta-width: 64
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 087780c3e508a1fd74f3eff08b26dafc
x-goog-stored-content-length: 893
accept-ranges: bytes
cf-ray: 6b5b2caf7e6d0f52-MXP
x-goog-meta-size: __full
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
cf-bgj: imgq:85,h2pri

GET
H2 200 56f0dafa-twitter.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 656 B
1 KB 61ms
60ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/56f0dafa-twitter.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d49532edeccd15e2611cc716d18eb3c2044c97f2507b6e3c56fa11fb5efef43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=O/MAjQ==, md5=NBEv4LRTCvpIvwf9rnTOMw==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13703
cf-polished: origSize=1129
x-guploader-uploadid: ADPycdulBF7bH83Lcq_mE2jla2vZjBL9LBCe_UlaQXU7zB5klu03-LDmnGB7CvIHAuNEno8EURDoLNa29f_dcB83tWY
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441770
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 656
x-goog-meta-height: 64
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 16:27:36 GMT
last-modified: Wed, 18 Aug 2021 09:16:53 GMT
server: cloudflare
etag: "34112fe0b4530afa48bf07fdae74ce33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A84sIa7ovhbzoUx2cP%2Fx4%2Fbb8Pd5lDbzoC6bXzwY8hdKl%2FTeNKBBDsSYTWkWW9JJXz8zGLHGAi9WXJOc1DERmpOFtRh%2BVfo11PGM6Y91Yj%2BBDAsilERrpWh5dJAatvSbNKVRtE8X%2BtCxiMdeMQ3bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278213623198
x-goog-meta-width: 64
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: d218ad27566f19c920bb18c6955e6af4
x-goog-stored-content-length: 1129
accept-ranges: bytes
cf-ray: 6b5b2caf7e9c0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 bce8edc5-th.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 761 B
1 KB 47ms
47ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/bce8edc5-th.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90815e79e010de7cf9b3975b73718d611b55c758056d5ee409a59194e387ac62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=5szG8g==, md5=Q7UYXw9Gp/dRcby2RWMjGg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8932
cf-polished: origSize=1050
x-guploader-uploadid: ADPycdvQM_uW1aLFDCG7Ks0MtBdu-fCoU5LkE5-nBjnHUfStX_ponSJSjUpAQ77Ia34GkrbDQ0psih9v13l5_-cP4C4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441771
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 761
x-goog-meta-height: 56
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:04:00 GMT
last-modified: Wed, 18 Aug 2021 09:18:01 GMT
server: cloudflare
etag: "43b5185f0f46a7f75171bcb64563231a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8%2FiqbzJ%2BcZrYiUs7bGfFmCW%2FoQ4yA0P2gs6idrAujW406jVLGmI%2BKrIHUwyXdpO9a8SAHzI90Sy9hM24Z2K5sztjSHND7lEoOlNe7RPm6DRhrf5ox7oad1xpxCmdniWn6UuP%2Fgo8YvxxecB0Bzf8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278281156049
x-goog-meta-width: 56
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 1165eb3bd981d06efb1ca1a9e8334f1d
x-goog-stored-content-length: 1050
accept-ranges: bytes
cf-ray: 6b5b2caf8eb20f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 ab58936c-my.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 1 KB
2 KB 49ms
48ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/ab58936c-my.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9546920b87935e7fafc877cbb68c9c926ab302ff22bd4491233d2770a3dd533c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=mpfNag==, md5=5a6PVpr2reBORt6zTFwQHQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8932
cf-polished: origSize=1730
x-guploader-uploadid: ADPycdtxB7_XPEmAm4wAwm16mhId8BmTe3vGE_QuKDy4uu9z_zOA-BKpRNz2NDWMB9rQZljUmITd7xQ1IA1e1SdE_JA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441772
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1156
x-goog-meta-height: 56
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:04:00 GMT
last-modified: Wed, 18 Aug 2021 09:18:13 GMT
server: cloudflare
etag: "e5ae8f569af6ade04e46deb34c5c101d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wRd%2FrIFeguyO5PPC%2FeUXZDRiGjAekgusPuE5jiwS28lOwCgSV2Npf0R8r7b%2B84WAGHgvxBzen%2FWTw%2B1VKxcIA%2B5GYKwYQhgEMn7gx2ENONHNRK3c5rWgm%2Bfp0uX2yCi2wmxVhu%2Bk0te8DQXd6RkKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278293491518
x-goog-meta-width: 56
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 378b41ab3a3ef9209f5da08bc8a41442
x-goog-stored-content-length: 1730
accept-ranges: bytes
cf-ray: 6b5b2caf8eb40f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 ac17d4ea-kh.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 1 KB
2 KB 62ms
61ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/ac17d4ea-kh.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12974e25b8e79af88aa9541d770030a049486a7a17b8a61ba700a0fe388baa01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=RdIcIw==, md5=AcF/F/6mVufK+9z4Yj0zUw==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8932
cf-polished: origSize=1925
x-guploader-uploadid: ADPycdvP5SpGlJU-B0_aHDNtr3dVUXuiZpYrIhpwNDTo9V0m-93pWxVV365hxe1IzPo4vXD4UX81BaxeYKumDkodlfU
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441773
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1451
x-goog-meta-height: 56
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:04:00 GMT
last-modified: Wed, 18 Aug 2021 09:18:25 GMT
server: cloudflare
etag: "01c17f17fea656e7cafbdcf8623d3353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZR0Tqg0bUNKIyHwa4wXlFR2muOBwE%2BmGFwnrbJsebAib%2F4gmSlOODZkBpbhjAZK7FdUXkZ0t8AjsNqFvbK2iBqBs7lyt7IWCCo2017gAp%2BbyzULAh5qN73C%2FzEtBk3x5qPksg%2FH7fg5P%2BAc%2Bg42xA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278305179450
x-goog-meta-width: 56
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: d253950240502edf5feff4b3fbaa172e
x-goog-stored-content-length: 1925
accept-ranges: bytes
cf-ray: 6b5b2caf8ec00f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 b77a8511-countrytaiwan-shaperound.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 747 B
1 KB 49ms
48ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/b77a8511-countrytaiwan-shaperound.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41139735dcf90699e2a54f0d44203b1fc726a39cdcbfdf0b9e965a17b74109f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=WXzqkA==, md5=NuwAqz6CB6glflkZhpyK2g==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28637
cf-polished: origSize=1206
x-guploader-uploadid: ADPycdtuCpQku0U4WXSUxjMmFSJM3s1i8XrUmmR2Rl1IKJTPIvzImLStMZ7WlMyZblYPILxFR5V99mmppog7P8W5ERw0Sj7pxA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441774
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 747
x-goog-meta-height: 40
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 12:35:35 GMT
last-modified: Wed, 18 Aug 2021 09:18:42 GMT
server: cloudflare
etag: "36ec00ab3e8207a8257e5919869c8ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnZdgAxp6pZcuP9iyfjDfYkMqzhJjMrBlLA3afRcAwzzOh%2BDLjo2ZNjHGvfOkzF1DmMWQwdLWVtqrDV9SVJLX6l5RF0Ydh%2FC428IAEp8Q6bWhitjM8F8fJ8Td9orbBIx2T8xc7bFi6KPt0gyBTpWaw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278322282019
x-goog-meta-width: 40
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 49ac8d4613cc8182abd3bbf292375532
x-goog-stored-content-length: 1206
accept-ranges: bytes
cf-ray: 6b5b2caf9ee90f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 7b590b3e-mm.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 1 KB
2 KB 49ms
47ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/7b590b3e-mm.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777092d156163fd88a7264c6fb6b80cfeccfbb9a7951a55a54a3df0922f24798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=qYLDzQ==, md5=mMo/upEjIQZD3f56IcZPjg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28638
cf-polished: origSize=1561
x-guploader-uploadid: ADPycduQifLmODnbwRWf46XhXLw5tN5DxW1PcoWcthXXWh7JdBYohA268ulhHJNMNgPNSvVhUAb5jL1HE0aaMw8Cm5Jew_xYDA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441775
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1058
x-goog-meta-height: 56
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 12:35:34 GMT
last-modified: Wed, 18 Aug 2021 09:18:58 GMT
server: cloudflare
etag: "98ca3fba9123210643ddfe7a21c64f8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0HVTodWvnhhBA6B56a1Ce%2FTxPenOgGdrpjwTwKX96bg5pzfUO71Jna6ZkJ5NAE2LZynWPHfLAchbCH8z2ZjecQOkXulRLi8jzN0ja0%2BMSZBLE30ArGPLj2JrXwIhK1RZmFCwhRKFnINu7fKvzO6zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278338447186
x-goog-meta-width: 56
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: c7c80bc406a6b809260dfeaeec853520
x-goog-stored-content-length: 1561
accept-ranges: bytes
cf-ray: 6b5b2cafbf460f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 234ff140-in.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 977 B
2 KB 65ms
64ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/234ff140-in.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a80ad0ab08c8d764c542784ca204ffffca06d44bcf91670af0151a34dfb63c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=sE0+Og==, md5=L1h/Z3GzD7bz+NIMAth+4A==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28638
cf-polished: origSize=1530
x-guploader-uploadid: ADPycdt8S6hXqvaV3_n4b6pIptD4hB_WCU5VxvwU3VcTd8TPBURvQws2fQ8rujcBza4Lk44Iu0nCYZJ6eFEKBZP1jErN0SXOZQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441777
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 977
x-goog-meta-height: 56
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 12:35:34 GMT
last-modified: Wed, 18 Aug 2021 09:19:12 GMT
server: cloudflare
etag: "2f587f6771b30fb6f3f8d20c02d87ee0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBPDLmgf%2FXcWrMHsVEg66ImwpGGE0ovT3jhfLA4DTBUG%2FTDItRsuWQEUOHpJixH2JJLyRRWLJyeOfbe1%2FlCjU4hlRTqXi9W95wPgraz1YlAybNPTu%2FKugjd2rxzy4UVosFzeqDdVWZT2NEymhZoZdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278351938192
x-goog-meta-width: 56
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: f900847616cba7d56bac8de85e6d2ff8
x-goog-stored-content-length: 1530
accept-ranges: bytes
cf-ray: 6b5b2cafdf810f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 5563ac53-vn.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 936 B
1 KB 185ms
185ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/5563ac53-vn.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a594b8abaaa9ddc33c27a1ee8f36fd60765a2b488334597564a0665476843a2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=muABdg==, md5=PiaD+hahmbhsnHGw1NmcYg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8931
cf-polished: origSize=1601
x-guploader-uploadid: ADPycduSrL-ahHsD2y7XjRLJlLu4RJ837xTcvXA8m4oFt_6kq0L7b0mdSgcPH7XVdxKiKvxdoqeDpJP0nA7yqQ97Ga8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441778
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 936
x-goog-meta-height: 64
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:04:01 GMT
last-modified: Wed, 18 Aug 2021 09:19:23 GMT
server: cloudflare
etag: "3e2683fa16a199b86c9c71b0d4d99c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op6E6XGtFnpgBi73lZUh6AC8WCylvl%2FimIK86GgklMylG83WLnNwhGd%2B3OTVdCgisr5MaHV57c22wprDUMx4txrTMptU%2BGOIfmE%2BcbXfMUantBvKI2UCYPsJHy8JTIJ%2Bd2adKqnp7yzBbeBZfOeH0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278363328441
x-goog-meta-width: 64
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: d634c257ad37889f0abe4bc109e722ab
x-goog-stored-content-length: 1601
accept-ranges: bytes
cf-ray: 6b5b2cafdf850f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 26be1a55-ph.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 1 KB
2 KB 173ms
173ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/26be1a55-ph.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73700d12b1f69e2e57145816286feb9cdf4c45b5195df3a2d220f7d932f329fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=Uqp23A==, md5=+wAq5WjNFMD13WXcVucRLg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8931
cf-polished: origSize=1735
x-guploader-uploadid: ADPycdsFnnmvfnz8KWIFj4TcJ2VeYFinGs3UubU_eD7Z1XCqbowVvLH6eAT1sZo1kYAbGNHMYu2oZdpE_-nhCoS4fjs
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441779
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1181
x-goog-meta-height: 56
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 18:04:01 GMT
last-modified: Wed, 18 Aug 2021 09:19:34 GMT
server: cloudflare
etag: "fb002ae568cd14c0f5dd65dc56e7112e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vB8UiXSrH9P96i%2F0vU043pMlj3HFHStlPDKbE8wiJKEWbHgTPSad3RI%2BI29NEVZ0G%2BM4W0Ft6RXvX49MSnuy%2BWdrSdVuzstuk8Dt%2FXmuxT5P%2BBTJ%2FroUItbVM9%2FuAVrjZQ9uBWQfQBDfXcVN5gfITw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629278374401069
x-goog-meta-width: 56
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: cfe37055afc41409e8d9d01eb0dbaa79
x-goog-stored-content-length: 1735
accept-ranges: bytes
cf-ray: 6b5b2cafefba0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 a5e97f7d-dmca.png
cdn.hellosehat.com/wp-content/uploads/2021/08/ 2 KB
2 KB 79ms
79ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hellosehat.com/wp-content/uploads/2021/08/a5e97f7d-dmca.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b4b15a31a6243edfdfa2645d7796f44af2a8b0922f99cecc73b418a664e0b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=lqQCEA==, md5=zZNUUY+ulGHs8Dpe/s7pyA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13703
cf-polished: origSize=2009
x-guploader-uploadid: ADPycduyaA2XwcuQG_9RMrFIH5U0TL1ZUvBhkihqZfdODHbjHg7zb4dVIY3U_koklp0djhWvfhR3r3Hsmv3gyRdBdIc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-meta-object-id: 441764
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1882
x-goog-meta-height: 72
x-goog-meta-file-hash: d41d8cd98f00b204e9800998ecf8427e
expires: Mon, 29 Nov 2021 14:22:14 GMT
last-modified: Wed, 18 Aug 2021 09:05:55 GMT
server: cloudflare
etag: "cd9354518fae9461ecf03a5efecee9c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQRE48qQ4TTwsxHp05iUYyiuxD8pj3ZHHgHq1VD%2F42H5aMDDID89i5nQSqHXGiy%2FsgNAyjMls3Mm%2FUhfOMwHp6O4VcDBWujLl09M9k8SpCBgSwcaydJosTIs0Jduo25hA1LVC0BOSYBLILzAcJIj4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1629277555772663
x-goog-meta-width: 200
cache-control: public, max-age=31536000, must-revalidate
x-goog-meta-source-id: 221182a9532f1e979eba1596ce0921d4
x-goog-stored-content-length: 2009
accept-ranges: bytes
cf-ray: 6b5b2cafffea0f52-MXP
x-goog-meta-size: __full
cf-bgj: imgq:85,h2pri

GET
H2 200 _buildManifest.js Show response
hellosehat.com/_next/static/y4ey8nX_-iecen0uATLbn/ 4 KB
2 KB 68ms
68ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/y4ey8nX_-iecen0uATLbn/_buildManifest.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

167cde9760d71d5cafef8f9993be0b94a42542c0e704d42da8e8a9c1445aeb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"1072-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPZTad%2B4aXj%2Bd%2BIlom8cLGX8jxs7H2oWSrmechld0C60cSVtFzgb2eBgwLxjn3yjXkPNm627nj93O%2FNZW%2FJ3snF8YZdx5FmR0mCcCtkW7l9HCNURn5SY2mgvEbdf32lSVrPqvdGUBB8ohCV4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9af440f52-MXP

GET
H2 200 _ssgManifest.js Show response
hellosehat.com/_next/static/y4ey8nX_-iecen0uATLbn/ 77 B
350 B 89ms
88ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/y4ey8nX_-iecen0uATLbn/_ssgManifest.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"4d-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqmAPlS%2B28nD712GwKuvfjR%2B1gngDl1KNoIHVNraC4gCIvLqhXQySHO9V6hnhAtS1nc9uJoEgl%2BuMmnMWMUhQ8Z%2BrW6%2FXjkG21xhhXEJnrK9BiAC7iS8qD8G1rqfTe4Am4VMhOvZ8ZKJ%2FiId"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9af470f52-MXP

GET
H2 200 polyfills-dcf8b26cc480d48edc53.js Show response
hellosehat.com/_next/static/chunks/ 90 KB
32 KB 94ms
94ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/polyfills-dcf8b26cc480d48edc53.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

157761984925456338d2644f18a9054fa362e6fc00d9ff707a9107ccdd70deaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"167b1-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZgPStitF65Mjp3WGz5FXAMN3eP%2B84lJiLmLNccRLQHO0OeTcLWcZr4G5zhixg%2BVAm3UzJkIQFoANlzyN8QhjqCdxrYkE6gdWNAPQ2IhvZ2tqiTBRtc6fOSRtNwrniX8lvDNcdpNkqybrv9I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9bf540f52-MXP

GET
H2 200 popup-discover.js Show response
lead.hellohealthgroup.com/admin/ 50 KB
12 KB 59ms
30ms Script
application/javascript 2606:4700:20::681a:5dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lead.hellohealthgroup.com/admin/popup-discover.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa0b958c3a912253190f6ddbf2047cb8a2190dc372893505c1a637625c3dbf5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1854
cf-polished: origSize=66339
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 24 Nov 2021 10:50:34 GMT
server: cloudflare
etag: W/"619e18fa-10323"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSLOgW0eOvPWQRWocgQWLNYHYEz5FzFPstoSZr7jFkEF5D4j%2BHDrbsdjYJyExOyhQn1r0uwaG77SIyNJS6dN0knxpPHAirtMfmJiwus5WTyCEUi%2FBCbX8sFaGqPHHAfGfZS04s2evcmjnDK2YA0ySW4HMAmfCpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 6b5b2ca9df142bce-FRA
access-control-allow-headers: Accept,Content-Type,Referer,sec-ch-ua,sec-ch-ua-mobile,User-Agent,X-XSRF-TOKEN,x-xsrf-token,Authorization
cf-bgj: minify

GET
H2 200 webpack-7253763641d34fa47bc7.js Show response
hellosehat.com/_next/static/chunks/ 7 KB
3 KB 74ms
73ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/webpack-7253763641d34fa47bc7.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c29c96b45f93cf1052fe616e3d0d99e328e107ce792ede3bb46c75005bc4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"1cd4-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yF4ViP%2FSqF7BXgWNqAzSYyuvppWm%2BaWGjJiwOh66v2%2BLKhhCqzr%2BCmo3lriXSVyigMqCV7Pts8NwFZp33eE9cDBjBtRalx3prtu%2FLos4RpsWRmr%2B%2Fc51teWBipqBKIth3qGIk5H9bTGqK4f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9cf9f0f52-MXP

GET
H2 200 subot.js Show response
subot.hellosehat.com/ 257 KB
165 KB 269ms
251ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subot.hellosehat.com/subot.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

840417446517b60288a9d3475018fc355afbd9e1e2c435dda0ef5e1c08add0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 11 Nov 2021 05:41:28 GMT
server: cloudflare
etag: W/"40224-17d0d83e740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIQJ0fwk0RRhkRGQ0OqtqExN55z4QvCF8ol4vdJM6eV3d3i02roWFva%2FqxqFH7jjJhTMCUKycl83LNmfzfOst611a4YAXh3YD6LVmyo2JH53IfrUnmztSMMfk3%2FkmQdkN4Oqvu6kLp5RdAkYG3xT5ukh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f82f0f52-MXP

GET
H2 200 framework-718dde90dfc1c503f61c.js Show response
hellosehat.com/_next/static/chunks/ 129 KB
43 KB 116ms
115ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/framework-718dde90dfc1c503f61c.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6da9d5f3ce44acc1da493c3e82a6d946de2ea06c00ebd485fd56813254bb4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"2029a-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nE9YEK5oCUj9x1Y70ztCwBK25WMDhzzG%2Fzx%2BdggXhBukaBMaZdJwpJKmYYEkSbMJUEEMpmo0QJP3uh5ZAq%2BxytT1iIpD9V68vKR7YxxCl%2BVdCXuprr6KoxCEcVo%2BJY6iSgXGvtwq5ZLI8bDK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9cfa20f52-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 57ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 401 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 10:32:51 GMT

GET
H2 200 commons-4bb061ed406f00393c96.js Show response
hellosehat.com/_next/static/chunks/ 3 MB
563 KB 116ms
116ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195b66d70c7ecdc6cc7bdb80b5d20362266269f2034ad3cf8f84fad9eb916dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"2faf86-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V3%2BD8qPTvicGS6LQAEbhIO7JMPYkifezboZ7hJFNc7eZHzdsl63vArykqU8Xm5vCxm0fGuDJyy%2FpdFyLXCq5t83lubhf5W9ZaWqFge6YDWDwzYTZ23fEjOrCyJe2sBeX2Nu571EVZFFAJeJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9cfe10f52-MXP

GET
H2 200 ins.js Show response
hellosehat.api.useinsider.com/ 330 KB
81 KB 111ms
58ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66438fdc72f60fb08fad25906cf0cda6bfeeb1a7bf5a79f729b638b52abc1f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 3448
x-amz-request-id: YWVKXQ08SK139CQS
x-amz-id-2: I7XFOiWly9VUFjK1RWh91PN58pi4n1n8AEkHktWNAeKjxsS9roV2ZNqa5+k4LeYB/bqadAx/at8=
last-modified: Fri, 19 Nov 2021 09:59:56 GMT
server: cloudflare
etag: W/"008f88d13ea2d22b2da98135f7938c67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-version-id: 7HaVsMyTJASs5boOyoRwCpw.zV4JcAFa
cf-ray: 6b5b2caa1ae4d60c-MXP
expires: Mon, 29 Nov 2021 10:37:51 GMT

GET
H2 200 main-605659d400df16bbc250.js Show response
hellosehat.com/_next/static/chunks/ 19 KB
8 KB 112ms
111ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/main-605659d400df16bbc250.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c8a6888774843c183bcbd577ea9a47a8aaa694312d22ed7a8d40fa40ce0e67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"4bbf-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhyUgK%2BLNObXpQg%2FTj4OPLpEjrAFCpB1UxNiR6OrNWy1JI%2FRCvG7Xw6UOQl3IPO9TPgINYsQEh2QUItjmjoaeEPyXCazJvAz5McEMQcwH4B%2FBeF92iPX6IF90pwb7nHwpBslWzKT7GOGzDQt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9cff90f52-MXP

GET
H2 200 client Show response
accounts.google.com/gsi/ 182 KB
73 KB 196ms
56ms Script
application/javascript 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

237f9cd58dc7a9ca94941e61330960c620e6b39577fcb5043706aa24fd4108dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4vwFM3ssOZfpNV/pun8RMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
content-security-policy: script-src 'report-sample' 'nonce-4vwFM3ssOZfpNV/pun8RMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Mon, 29 Nov 2021 10:32:51 GMT

GET
H2 200 eb799d10-d6e72a2913c98b6eb73b.js Show response
hellosehat.com/_next/static/chunks/ 563 KB
124 KB 130ms
129ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/eb799d10-d6e72a2913c98b6eb73b.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea599f271342e8e16103ed432e0610dac29ff608ecee01ba8a5c9704fdc9d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"8ca1c-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TQkZEfLd873qBkmQ9FzclDEL6Krm4IiY43MnOsrFgmgAaG8YROJcGwBeWDH51reo1fmohpIgpWSUO9hILoty7toQvOXhOY1FKCmHfZK09epWRh31CwdhPUeRZsrtQ7c8Md0ORsPfTvt11uh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f8270f52-MXP

GET
H2 200 29107295-7ecc1b93cc76cc20bd67.js Show response
hellosehat.com/_next/static/chunks/ 70 KB
25 KB 94ms
94ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/29107295-7ecc1b93cc76cc20bd67.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fc3a2941138c93f799d3f2a13cfe9fa095567d775599b5601117591ad3ceb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"11835-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8eV1peuIUhyEI3ofpJ3sVFix471YXYuG7sQzRRdDyci88umEoVJOl4Pe0H95fF1h3Nvf3c8ARrbeFPL4btO%2Fr0CkmIZ3Dx%2Bxjg8iRR%2FZYEeBQK0nDSzRQhBtuLj4cvFgkF0ZYJFuYDuXo3s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f82d0f52-MXP

GET
H2 200 6022-058764decbdc81faa076.js Show response
hellosehat.com/_next/static/chunks/ 46 KB
15 KB 96ms
96ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50229f8cb61d218f95621ea1cf8240ce4c723a4049f9d48b92a0e3f882361907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"b982-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjgR84nu0Rq7P7oc1cc7Rxw6vDPkcGGwXj0fGaV9uJPwLfTlAGoXuLMmofokoRI2bTtOBsbnrEC7h194Dc6LT6w4RtHDimjPRdPt50Lbwwa9kaMu15tmn0SVhvzM1lpl9gCTAw7gjeI646r%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f8340f52-MXP

GET
H2 200 7234-00f58f951f049e539a64.js Show response
hellosehat.com/_next/static/chunks/ 17 KB
6 KB 92ms
92ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/7234-00f58f951f049e539a64.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d37c648aa88066cb3859c4799920acc46cbef3018a53504a521f4aafce87985

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"44b1-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1zHhthoUKDJh0CPfzoSmCJrkLlrsww0sM9yUBdhdpReH%2F2v2nRXa5e34G8VGvrGepMAMvUzFHw9m625Jo5AM7bmumw8YItg9VUFPIiEAckJYPSbMvzR4AUbjQMIhTrb3Kdsf2NzMYoepYWT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f8390f52-MXP

GET
H2 200 7520-edcdeaa26e492aae16fb.js Show response
hellosehat.com/_next/static/chunks/ 23 KB
5 KB 104ms
104ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/7520-edcdeaa26e492aae16fb.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907badcb91936cad3f99d9d8d16107e6db02b8986dab4ca0e6cb0689224759c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"5bfc-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnWJgg%2FMqdwt%2FpgvmLF4aC8OdT5MmNO7cadVpdYT%2FJyE3T6CpUGHNUOfMx5P4nKjqZMrli%2FTGLo%2FlI83hOALrJ2AyP4sWkkIIv%2FK5CPGcxjT6yhhD6S2Ti2a80yvepLHwvjgHLM%2BdI1A1qsz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f8410f52-MXP

GET
H2 200 _app-8f78a303de25adf96b50.js Show response
hellosehat.com/_next/static/chunks/pages/ 833 KB
144 KB 100ms
100ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/pages/_app-8f78a303de25adf96b50.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47f8dd82997002775c499f0423837014ab32ba82eb8618a560d4f56d3e3d7e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"d0239-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg9b%2BQ5yVAs53CjGo4jNjuCjNIzpacHjKhVERVz7lBR%2BvjNErqgd18AGvwnkgW981np%2B1QTIek1N7AnNPUL28s%2B3JkuZQgcslpHZItZQ7ZwPVZdGivY7BMy5frZQRSbLhg6xveL7XxU9pv9%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2ca9f8750f52-MXP

GET
H2 200 8929-2626082a80c05593c11e.js Show response
hellosehat.com/_next/static/chunks/ 8 KB
3 KB 112ms
112ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/8929-2626082a80c05593c11e.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a148b672f71ea0af3a5de16d27576c78bd86d47f30da37e0eee4f56cda0a3898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"1e86-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2m2MR58CuQW2dV6VLI2ogE8vef8JMKBthVeEI6B7yC%2B8nSDqUvX7mJNKvXpCRQ9cRgqxvtOm%2FnW8BUL7JhlxqTmwVq18gv5dm%2FhFR2pT3G%2FdtsTTMcMKzz%2BtDbGgyJtqowO5%2F1LDy74xZ51"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa39140f52-MXP

GET
H2 200 8755-c96c76306ef20b2bb799.js Show response
hellosehat.com/_next/static/chunks/ 211 KB
34 KB 107ms
107ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/8755-c96c76306ef20b2bb799.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133282c228f76fca0d87bab178b18f3ddd3786f7c8ae19f1f2d111b9e8f58631

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"34b5d-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeoJPFSUX1rSuwIYDR%2BgIJ9m%2B8YQil1jz5NgPOGmcmlMa18I2ywWv2vTMYit1YzPaCSnztCpDwhuk5ehdeiwcjwAOlmR43v4Cky%2FkaZQK2tEmHDUPvul8jK0MgdkN%2B%2F5sHuJCB7KKmi9Ypcc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa39180f52-MXP

GET
H2 200 5654-d20a22c34ae8d8a1ddd1.js Show response
hellosehat.com/_next/static/chunks/ 12 KB
4 KB 102ms
102ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/5654-d20a22c34ae8d8a1ddd1.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6fe87cec54c1057d00c4dfc07a6afcb40766eedb93a2c09e846c972246498b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"3042-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip0a8ASCbuQvGwqlDoEbgbL9he%2FJLaGHOebt2Arj0SHdmnZiPrfhkg9AhvaHPt%2FjEgVh%2FjfH6Vrgd2ojQs2uy1IgcR8W3gv56nhu%2FuFi6EcILcHHNYjS9WIxpgT4ZqH8E7m4qvHuSVEuvQxf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa391a0f52-MXP

GET
H2 200 4032-decc13c4a72544a7ce08.js Show response
hellosehat.com/_next/static/chunks/ 13 KB
4 KB 93ms
92ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/4032-decc13c4a72544a7ce08.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5527acfbc16c1aba369254c889d87f435e73b00528e360c77db008339dd6761c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"3266-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9j0iIecTE5m5GrxZxG8CF%2Fs9eOMVdgIxGHx0d2HIa0bUZq9nCs7njDdLWhcNsqCqqu8byw%2BaueM8qVQx2NhjD0jqCG1OMfs59YlbIQm3o0DjfkrzJxHMCfPCLOsTXBLhhdEz66rPb5QC5GtO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa391d0f52-MXP

GET
H2 200 7298-f84555fb0e891172e7ab.js Show response
hellosehat.com/_next/static/chunks/ 26 KB
7 KB 97ms
96ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/7298-f84555fb0e891172e7ab.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150d8d67ab97846b17ef2f26dcb70b13db87f8442e90c57f0adccd506900bc38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"6947-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCnIqtFnrYZI6IzqJUs0qEeMY97jN2MuM4nv3Vbq6RC2ZzZprVk8Sh7njmEFUvjQH22LaERnlNQkErdtA%2B41Ch7KC24rVU4NQGSnIUHDATTN5UfTJA4CNARCPaGEfWbaWp11rPB%2BXs4KWEmw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa39220f52-MXP

GET
H2 200 7624-7a389b8bd7827e8e99ae.js Show response
hellosehat.com/_next/static/chunks/ 41 KB
8 KB 90ms
90ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/7624-7a389b8bd7827e8e99ae.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead86ebdeb06874667b8df645d1bab933227c3eb2d6fb7d2195f2f71714d62aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260724
etag: W/"a2fc-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9OeCXUWralyM9%2BpGKEddplVWMB2C5fENv%2BXbY6UV1fYWpqQBPh7LyDrBzCuhpC4%2Bgc%2Fjqh%2Bwt7W9z%2BUKw%2FVBDXGoA1ewHONX8lap5pLMOpeEFS30mEHJVoHWGA7khBOJssvw4stzYjhn6rM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa39250f52-MXP

GET
H2 200 6615-6998f6264552fc97c8d1.js Show response
hellosehat.com/_next/static/chunks/ 17 KB
5 KB 79ms
78ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/6615-6998f6264552fc97c8d1.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4daa970399ec0b9b2d86c886766ac1aee4e91b64e7cdeb73930a6264982204d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 159755
etag: W/"44b7-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EikWll9tcu9arwZFR3NBwBFzpn%2Fr%2B90ObhXrB34tmtgtUg1DgHDtlP%2FG3e522I8WLft5M2Ruase4Dvu9xIQ0bec7oK08S1IDTxS%2FNwbXT15fFEqwbPvhhxqHr%2Fa0BnHUHUBxT2UM1aQiwLin"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caa39270f52-MXP

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 17ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 10:32:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 216 B
151 B 31ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c8b73ad2c530c3e6c34bf65c69abecd50717853a026ed95d5bf752c2f130d706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
expires: Mon, 29 Nov 2021 10:32:51 GMT

GET
H2 200 index-574751a06a10d12e608e.js Show response
hellosehat.com/_next/static/chunks/pages/ 41 KB
12 KB 44ms
44ms Script
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/pages/index-574751a06a10d12e608e.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49cce362baa68aba9de3e5b79041390310b367c2c3aa2c62baa236316bfa586f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 159755
etag: W/"a5ea-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbvZCAggJsz3Rbu6IRxzO3bqxR9xLRt%2BjGyF0xv2N7IyMMdGVFJbIOLf8lnkitZuu%2FMLAQIG5NMtBqDo2ECKbu09h9x43ixBYXRJm65iY5yQD00VeMUidmPi7%2Ff%2B96kzUmCwzr1F1k1GVIo7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cab0a9e0f52-MXP

GET
H2 200 worker-new.html Show response
hellosehat.api.useinsider.com/ Frame 87C8 8 KB
3 KB 131ms
131ms Document
text/html 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellosehat.api.useinsider.com/worker-new.html
Requested by: Host: hellosehat.api.useinsider.com
URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-type: text/html
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 08:10:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3447
expires: Wed, 15 Dec 2021 10:32:51 GMT
cache-control: public, max-age=1382400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b5b2cab4d42d60c-MXP
content-encoding: br

OPTIONS
H2 200 handle
jb-on-site.api.useinsider.com/ Frame 0
0 77ms
36ms Preflight
application/json 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jb-on-site.api.useinsider.com/handle
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hellosehat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 29 Nov 2021 10:32:51 GMT
x-amzn-requestid: a6ceea30-cc2a-465e-af1e-89678502afbc
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: Jj_dIFkljoEFULA=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iEIwVJnKLsxYXCzwd_UMVGa0ORJN0nKZxfCAmsx6E0wOU_c3sO_w0A==

GET
H2 200 / Show response
location.api.useinsider.com/ 269 B
479 B 66ms
47ms XHR
application/json 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10003799&
Requested by: Host: hellosehat.api.useinsider.com
URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95585ae4c1c2f975a72ab3e69ce37ad1a86edab942be6593a75c0cee28c222b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 6b5b2cabaeae4e07-FRA
content-type: application/json

GET
H2 200 16381819717730458b5b26b.c34d7c28 Show response
segment.api.useinsider.com/v4/segments/ 927 B
651 B 125ms
78ms XHR
application/json 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/16381819717730458b5b26b.c34d7c28?partnerid=10003799&fields=0fee8c249f82f5b7fc996947d2085c57,ffbfc345b7525d0e93f6b8ca1d89d6f5&
Requested by: Host: hellosehat.api.useinsider.com
URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12e17bf8136cefd5b874c58dfed2a11161216aee1eba2c0e098852bf44a5e83c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b5b2cabef0e3743-MXP

POST
H2 200 handle Show response
jb-on-site.api.useinsider.com/ 0
355 B 98ms
97ms XHR
application/json 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jb-on-site.api.useinsider.com/handle
Requested by: Host: hellosehat.api.useinsider.com
URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 529cfa84-3c90-470e-a9f1-a59bc4ae5795
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61a4ac53-5c699ca95c002c5106b023bc;Sampled=0
x-amz-apigw-id: Jj_dJEWSDoEFpcw=
content-length: 0
x-amz-cf-id: 9OFpA5WP6nHbViUIgRSPvoCdmbd8IjMpZ9Cm9_lxpsnF69e_TyvVBQ==

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
154 B 66ms
66ms XHR
text/plain 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Nov 2021 10:32:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 1be05c69-5890-46a9-9423-d7a9379afb68
cf-ray: 6b5b2cac2f8d4e07-FRA
content-length: 16

POST
H2 200 bot Show response
subot.hellosehat.com/frontend/api/ 53 B
355 B 610ms
610ms XHR
application/json 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subot.hellosehat.com/frontend/api/bot

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3b80d2da5b23aa0581ccc1177b05ac8a72d868dac6dc6084ff28b60c8c3050

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEm7dbGC6YDQHLUb%2FJqDJSqLloIhAu7TGzAgHtC6IH9PbYUfAanlafruTFO%2BJEtBaEjvWgM9ix50Ih%2Byeua0SCelxuid9IiwRGcsz9J%2FVDhEQhsnErBjgkQxC2yvvVaZNO1mixWIn7WOa3Ln5PdMJcw9"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2caf2bc6374f-MXP
access-control-allow-headers: *

OPTIONS
H2 200 bot
subot.hellosehat.com/frontend/api/ Frame 0
0 325ms
280ms Preflight 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subot.hellosehat.com/frontend/api/bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hellosehat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aksVdl5H7f5Ybdi4xivLxSaYZLsNyDtl0ZZhSXuNGYibUyfB0MRfgkMM4eh47H2K7pEUYAVDI%2BoJ12JSsjezzt2p88Vgn1mljhLPKiyBPjqMgBJxvlgm0uBvY6dsg5bdZO8MQZwsY65N5pD0rLgA6BMK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b5b2cad6ee2374f-MXP

GET
H2 200 spotlights Show response
wp.hellosehat.com/wp-json/api/ 6 KB
2 KB 667ms
638ms XHR
application/json 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.hellosehat.com/wp-json/api/spotlights?per_page=100&order_by=start_date

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.23

Resource Hash

130ae97f1b15a9013b4cdac8ad485d904ddab1c28a34852c9f9535131d0d0f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGpW%2Fj1e%2Bupq6zmmMr7D%2FCQcK33GiTnLc27coUbG1waYLnoBwOFMWBlopFOMEpAt%2BcKsbIxeijhXy0bdIt0gdKJAgPyTHim1ic7YSxDBZc%2BOQEzcb3xCNShCzuXu5ABIfMg9MBLQ4i77qa7cWQ7u"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
cf-ray: 6b5b2cad6d0768ef-FRA

GET
H2 200 community Show response
together.hellobacsi.com/api/v1/ 5 KB
2 KB 297ms
234ms XHR
application/json 2606:4700:3108::ac42:28f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://together.hellobacsi.com/api/v1/community?website_url=https://hellosehat.com

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.22

Resource Hash

3fceaeaf3c28c1da719a83844bbeb26db030cd2c187dd36f55e3ed95858b2f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDB2d8bO01r1XHzhVDX4r%2BEBrW5poHziqAgFqPhs09eL0jnI%2BgekW%2Fm4g4jPljaZk8JOVxmA1rSY%2FqB5G1k%2FItdHEbez%2B2JoylMOraQZVk95ppWQbTbOxjhgPJiL%2Bnet584WX9Nx2SQseFcZyHgiGj3n%2B2kt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-ratelimit-remaining: 914
cache-control: no-cache, private
x-ratelimit-limit: 1000
cf-ray: 6b5b2cadb8cb3752-MXP

GET
H2 200 community Show response
together.hellobacsi.com/api/v1/ 5 KB
2 KB 300ms
243ms XHR
application/json 2606:4700:3108::ac42:28f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://together.hellobacsi.com/api/v1/community?website_url=https://hellosehat.com

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.22

Resource Hash

3fceaeaf3c28c1da719a83844bbeb26db030cd2c187dd36f55e3ed95858b2f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YX5a5kiUrVD%2BYU28GQ7CCoomRXsy%2B17htrSQgsG1e2OYEkrkmw5P2riJUr2rmHgU28tcP4Iqur0EDZPGz8SuPgeU4N33HLVDRGduIkWESFkQrQ1jnJcdfu76a7AS6Ov4AM4kGZZWsYBXMoUmw7lSwB67GM%2F6"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-ratelimit-remaining: 918
cache-control: no-cache, private
x-ratelimit-limit: 1000
cf-ray: 6b5b2cadb8d23752-MXP

GET
H3 200 style
accounts.google.com/gsi/ 658 B
441 B 221ms
204ms Stylesheet
text/css 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.Mb9zpnrv1Ng.O/am=chE/d=1/rs=AF0KOtXvOlFBAfK2yy2FXw1dpDhezlWKBg/m=gis_client_library

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

735896fb65aadc7751e4ce6bcd629f399f4f974cc9e36bab715e2a4536238609

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8mnTd88/z/P8MZxFW1A3aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-8mnTd88/z/P8MZxFW1A3aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 65ms
50ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=289442006438-040a42cbidr6v5d178f3iqi9q95821r3.apps.googleusercontent.com&as=csOwx9Pp1XajrSyQoHPMMA

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0096a1a01c30e912021671b35fe7b3536ff6028ff0c943bfcfa62b46515e424d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hAkCFXBCO+S97k+EtgeUNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-hAkCFXBCO+S97k+EtgeUNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 185ms
184ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4469147238393038&correlator=4069999820653303&output=ldjh&impl=fif&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21682272649%2CHelloSehatDesktop%2CHelloSehatDesktop_HomePage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=Pos%3DTopBanner&cookie_enabled=1&bc=31&abxe=1&lmt=1638181972&dt=1638181972088&dlt=1638181970673&idt=1078&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1006&adks=661055900&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x32&msz=728x0&ga_vid=1412350123.1638181972&ga_sid=1638181972&ga_hid=334316715&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d89d29544ad7a238afa3d97b4c44e604c28f5f4a2abe58704f491d1c6899d105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
google-lineitem-id: 5784595823
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138362747841
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 50ms
50ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4469147238393038&correlator=4069999820653303&output=ldjh&impl=fif&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21682272649%2CHelloSehatDesktop%2CHelloSehatDesktop_HomePage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=Pos%3DAfterImage&cookie_enabled=1&bc=31&abxe=1&lmt=1638181972&dt=1638181972092&dlt=1638181970673&idt=1078&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=1022&adks=39465523&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=0x0&ga_vid=1412350123.1638181972&ga_sid=1638181972&ga_hid=334316715&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e0dc7d5c0de19da6d905dd700393a7442275de3f2e4991ef609d695f7b2ce928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8585
x-xss-protection: 0
google-lineitem-id: 5780438563
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138362117061
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 358ms
358ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4469147238393038&correlator=4069999820653303&output=ldjh&impl=fif&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21682272649%2CHelloSehatDesktop%2CHelloSehatDesktop_HomePage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=Pos%3DMidBanner1&cookie_enabled=1&bc=31&abxe=1&lmt=1638181972&dt=1638181972093&dlt=1638181970673&idt=1078&frm=20&biw=1600&bih=1200&oid=2&adxs=1002&adys=1883&adks=3533552891&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=419x32&msz=300x0&ga_vid=1412350123.1638181972&ga_sid=1638181972&ga_hid=334316715&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

13f7757eafe2d6e6beb5f150eb1d99d63cbe47a7ea52c313cb7af842fbc2c8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8644
x-xss-protection: 0
google-lineitem-id: 5784595823
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138362673179
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
21 KB 723ms
723ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4469147238393038&correlator=4069999820653303&output=ldjh&impl=fif&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21682272649%2CHelloSehatDesktop%2CHelloSehatDesktop_HomePage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=Pos%3DMidBanner2&cookie_enabled=1&bc=31&abxe=1&lmt=1638181972&dt=1638181972094&dlt=1638181970673&idt=1078&frm=20&biw=1600&bih=1200&oid=2&adxs=1002&adys=3273&adks=2916050171&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=419x32&msz=300x0&ga_vid=1412350123.1638181972&ga_sid=1638181972&ga_hid=334316715&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6a187e59c959c541b477855af39df95cc9a424916c333d9b0c1753e19649825c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21772
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8ABD 6 KB
4 KB 87ms
23ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 524ms
523ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4469147238393038&correlator=4069999820653303&output=ldjh&impl=fif&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21682272649%2CHelloSehatDesktop%2CHelloSehatDesktop_HomePage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=Pos%3DSticky&cookie_enabled=1&bc=31&abxe=1&lmt=1638181972&dt=1638181972101&dlt=1638181970673&idt=1078&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=3048852453&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1412350123.1638181972&ga_sid=1638181972&ga_hid=334316715&ga_fc=false&fws=516&ohw=728&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

09045c1659ddb6a9c248500d401b4ae52dfece587810404b02e39e35ddb5abe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9515
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8929-2626082a80c05593c11e.js
hellosehat.com/_next/static/chunks/ 0
3 KB 39ms
38ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/8929-2626082a80c05593c11e.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260726
etag: W/"1e86-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDas%2F2o%2BFdEIWj5YR%2BfNITGgJj9wA7jl5lRVmIw4vwMnmijFV6Lqwv8Y6B9eVyg4qT%2FzG2Qz%2BGSYFZlMsYK%2BG4if7NQNjRE2J%2BORO57iKj9Rd1d5xsAt5vogsXwJhU6aCQ%2FufpR3QjVx3gy7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9c60f52-MXP

GET
H2 200 8755-c96c76306ef20b2bb799.js
hellosehat.com/_next/static/chunks/ 0
34 KB 55ms
54ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/8755-c96c76306ef20b2bb799.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260726
etag: W/"34b5d-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoGsTDF8yK4Oad5DZSTqzM42caWh%2Fb2wtWCNYC2yaJw1Brahg8N6zZ%2BVMDLpLEpmGqggxLt7Ktd5vQDudkgJwZ7oMdHSzjOvKuepDpsTRC%2FGfskDhIjPDhVWungVl8MiSzP0NlG9xIIXJx%2BR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9cb0f52-MXP

GET
H2 200 5654-d20a22c34ae8d8a1ddd1.js
hellosehat.com/_next/static/chunks/ 0
4 KB 62ms
61ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/5654-d20a22c34ae8d8a1ddd1.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"3042-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAcLna5rtAet2IvaL0GM7AstaKjh4twHBLhJ%2FZs7l6ZkxPeBv5PJol2EdRUEn60GoF86YLgxLFJZWuweBjMImopwwT7DmQFmxFKVm4gzL3wUcOP8EalZ1pAjvR0tQCkRwTEvQmH6YM1F9Nb1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9ce0f52-MXP

GET
H2 200 4032-decc13c4a72544a7ce08.js
hellosehat.com/_next/static/chunks/ 0
4 KB 34ms
33ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/4032-decc13c4a72544a7ce08.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"3266-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJuqngqLkHyhke2CWL2SudbWSUx1OFMz1PW0pE8OUyZsZa5%2F%2BlMQSxIesqbo%2BrwMUlgzzeob88hsssUfq4fmEp1c0BFLMdDLRFVIohWGHhtO2fgJ0FBD%2FBN6Fl69W6Hgx5K48SJ%2BBSdcdyNt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9d00f52-MXP

GET
H2 200 7298-f84555fb0e891172e7ab.js
hellosehat.com/_next/static/chunks/ 0
7 KB 70ms
69ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/7298-f84555fb0e891172e7ab.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"6947-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzXNhdXS65f9tG8nlLnhoEJKAypmWLv67LLEJEMR8juWieYGfKP9K6MGVOYaF3jPcLi3N6QQfm%2FT%2F%2BvoaxthAxcPFP1wX4bzi1WGoT5Pj4sYqrRCVg8gvK%2FCYMOrx355d4So0X%2B39cEdm9%2FE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9d20f52-MXP

GET
H2 200 7624-7a389b8bd7827e8e99ae.js
hellosehat.com/_next/static/chunks/ 0
8 KB 60ms
59ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/7624-7a389b8bd7827e8e99ae.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 260725
etag: W/"a2fc-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOoen9juTw3V%2BpK7NDjCM%2BWCSWtHeLZcoCUjxhUYtcsooVuPq9v8qwURJJUwr3ZUAvmJM0%2B7vQkPSJ7FwKwp0oAlhirv9XzC%2Fg2e3WkFxsEdcXhN0ai5pOSug%2Fakf2aRiL%2B4x8RXNBeRfOBc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9df0f52-MXP

GET
H2 200 6615-6998f6264552fc97c8d1.js
hellosehat.com/_next/static/chunks/ 0
5 KB 49ms
49ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/6615-6998f6264552fc97c8d1.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 159756
etag: W/"44b7-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=344sFrqpuCpjbJnFSP5azk9DTEAuiMvm9gAQSd127nnCcvNHCbyC2jyLMCkYDHy0me5B6Zrt6InYAU2tqXTFo59dU84diYwIABMvaE62VCGgJI1GMWx9kLhacZWFXStn1b5PAFchIstv7pLq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9e30f52-MXP

GET
H2 200 index-574751a06a10d12e608e.js
hellosehat.com/_next/static/chunks/pages/ 0
12 KB 70ms
70ms Other
application/javascript 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hellosehat.com/_next/static/chunks/pages/index-574751a06a10d12e608e.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/commons-4bb061ed406f00393c96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 06:29:54 GMT
server: cloudflare
age: 159756
etag: W/"a5ea-17d5aefa2d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kec2zOUH8OpJazAvaqBU6zuHL0R8T3%2F84biP4muH6fwqHY5F90l5PusjtOZunXU14SyX2vtnF%2FIiOEdzD4BuWw32UcyF0LHoabahZjq2fAgHyY5KlmdWK5aHaUdmtoogid%2FBWhxKfutrR3k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6b5b2cadc9f00f52-MXP

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
122 B 57ms
57ms XHR
text/plain 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 32eaf6bc-e28b-4e34-8948-14f6c651a8bc
cf-ray: 6b5b2cadeb264e07-FRA
content-length: 16

GET
H2 200 opt-in-dialog.css
assets.api.useinsider.com/css/ 3 KB
1 KB 61ms
50ms Stylesheet
text/css 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.api.useinsider.com/css/opt-in-dialog.css
Requested by: Host: hellosehat.api.useinsider.com
URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 234999
cf-polished: origSize=4371
cf-bgj: minify
pragma: public
last-modified: Tue, 23 Nov 2021 08:10:06 GMT
server: cloudflare
etag: W/"619ca1de-1113"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6b5b2cadfb36d60c-MXP
expires: Thu, 02 Dec 2021 10:32:52 GMT

GET
H2 200 native-push-sdk.js Show response
eitri.api.useinsider.com/static/ 10 KB
3 KB 139ms
127ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eitri.api.useinsider.com/static/native-push-sdk.js
Requested by: Host: hellosehat.api.useinsider.com
URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caed4c0ef39873fadbc4ca0152edb35c3a188013b1964d91b89134a6c9353191

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 5515
x-amz-request-id: 52VMCT1CVR6EY78S
x-amz-id-2: O66VUzRp/qGWWSQdouuu7xwrgY6w9pEEa/AMt3jeTMYjB8KvQKwNs71E+XrNESVGm3mtlp6a79c=
last-modified: Fri, 19 Nov 2021 09:08:30 GMT
server: cloudflare
etag: W/"d0c9ff449f2971b77e5cb4f8470a6cb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
x-amz-version-id: VGMtH1TzZaXKz6GvQ7q2kkzBVKuuqteQ
cf-ray: 6b5b2cadfb2ad60c-MXP
expires: Mon, 29 Nov 2021 10:37:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8378 0
0 56ms
55ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzutxrdkYbGJ1p9orZPWjuupoI5Nf59ZzcI2uiVYVovprCwfZhaWqGbGf3xz1BfXRJUctN5oMjOeUJyOjIUhf3k0E1YSBqvwNDKvfltDRRXXcA7LEC8DAL3TG16tcB__o7sosVdZHaxGsQn4ruKYioUTa6oWPSERaPaPNiO8Z_dWsn2fwg0OKgnCqs48Jov8x-q7_fEhEPQPLChg8_-4he0si4W9Bam2JTdcYrPfQuTqYV0Cgwl7GJGDWi1LBKSxsm11pxq_3yYOQFi0QGmfZdC2twRkP4tDIvAsV_RYqC_QZ6eeLCrHLCLaHgvu86ZnLh-ANaeDrNvbvyqx1_vDaMtmg3j32Txq8UyA&sai=AMfl-YTfZpNrDZVGbFr7AeaTvc_WVHDs5XV-jDMBEkzYHEyYnUOQlGmL7hxQRrdHs2oD8l9EOJkk83tPecXt7SMVKuiRvm2VlHHObK6Hraa1_rW3WZFtbnICVhcCr3EjAKo&sig=Cg0ArKJSzEh1QNxw27OcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H/1.1 200
OK index.php Show response
hbs.ph.affinity.com/v5/hellosehat.com/ 3 KB
2 KB 522ms
126ms Script
application/javascript 216.139.248.131
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/hellosehat.com/index.php?t=291010
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-131.aus.us.siteprotect.com
Software: nginx / PHP/7.3.6
Resource Hash: 303d28cec54685d21cdb90d546f5c4c530aedf670f01fb63b2336ec391e86662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 10:32:52 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.6
Vary: Accept-Encoding
Content-Type: application/Javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: close
Expires: Tue, 29 Nov 2022 10:32:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8378 119 KB
37 KB 57ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
DATA 200
OK truncated
/ Frame 8378 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 864d774e4d1600133cc0b1ef195acc4168562c48080442e5689057076ebd129a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8378 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxUICiFymBc77bIVgaU-EzeKN5UDimFTqK4XAjlkWPL9HtR_zmm0KXFlNEa6AeCu-PQgUkGAYBt-GRElH_xEvP5tijjXC9_OCnRuu28wJRDNmuMBeXO4UksmqsBNrPg0Ix0ukJrZIGQvd4MHHZ81ZtbaGml5SmIEKGY2tuh1FA6gLxw4WSTLubeRD_oHDWwI2XQXkNNe6_eh-A83LehX-PyOouAUNt8KFPRQaa35bLxw-1eZKK7eL93yC0caZhrdV3fBYSFADmgW-cf-FRmj9Wubbypd_q7XcN7wyBWNJStqoRBKXJ89fioRMHw5_ZdCue21z5T3j8JKT79nDnLCZQjIybzgz229yJejea&sai=AMfl-YS8Humim-wI1Ta8uImrVGO7zty-BGuLJfJ2KR71VO6tO0XpoUzREH7SGcrSY4okFCBXel6IsuMvALdKLU-d8Pu0OQbpr0DAacZqKiBd_mMHHFEQLyYZEt4M--tYYRo&sig=Cg0ArKJSzJx7AGGzmz4eEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DD2 0
0 44ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW5M2mVmyG7cgDfbLHftp4HpBUBsYNOuax39ODMZzC8-KU4zqEd9G6ghj1-x_seJ3Baacx031I8P9Wp-A-P_xtrVuiyniyszBSfMpKmaghZnvDcJgQkZ5meSnP7stsNey_D6YFQ81mK08M7lnNWpqdTQ6qowE1--JLc5yWOAsjuK9b2v7ktCVvtT3S3sIoY16gBRqQpZSOVa67GtsKzb7Rd_84rZ8DGwXo8vnLmu8ktpV2y3eerGuAcowgk9Oy7_7WcbS3rbP4Z5jXMMCSqTUq5ZkSJPu9Hb1puB4opuh7jxag56EOsSamjZvpBlPOhy62cZCsyaFDYVWl8vThqBAWFxgHBBkF_3Kc0A&sai=AMfl-YSObMiNS9mU24ZFIwKMprTWRmOBA1c5AQY1QuVsS2smp9B3sEBnexcS5j9hc9rWitUhHdYdO6NJn3Cd34qm-XbkUBOiLgjhwkLmJmqKAWaxMhrhPTFtb2CNdoAaBwYA&sig=Cg0ArKJSzIWGQUEmyUyoEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7DD2 77 KB
26 KB 24ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 912 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DD2 119 KB
36 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
140 B 91ms
90ms Image
image/gif 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL2hlbGxvc2VoYXQuY29tLyIsInJlZmVyZXIiOiJodHRwczovL2hlbGxvc2VoYXQuY29tLyIsInVzZXJJZCI6IjE2MzgxODE5NzE3NzMwNDU4YjViMjZiLmMzNGQ3YzI4IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJuYXRpdmUtcGVybWlzc2lvbi1pbXByZXNzaW9uIiwiYnJvd3NlciI6IkNocm9tZSIsImlzTW9iaWxlIjpmYWxzZSwidXNlcklEIjoiMTYzODE4MTk3MTc3MzA0NThiNWIyNmIuYzM0ZDdjMjgiLCJsYW5ndWFnZSI6ImlkX0lEIn0%3D&t=w&pn=hellosehat
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6b5b2caefd36d60c-MXP
content-length: 42

GET
H2 200 collect
log.api.useinsider.com/v2/ 42 B
95 B 139ms
138ms Image
image/gif 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.api.useinsider.com/v2/collect?p=eyJyZWYiOiJodHRwczovL2hlbGxvc2VoYXQuY29tLyIsInJlZmVyZXIiOiJodHRwczovL2hlbGxvc2VoYXQuY29tLyIsInVzZXJJZCI6IjE2MzgxODE5NzE3NzMwNDU4YjViMjZiLmMzNGQ3YzI4IiwicGxhdGZvcm0iOiJ3ZWIiLCJ0Ijoic3RvcmVMb2ciLCJ0eXBlIjoid2ViUHVzaCIsImxvZ1R5cGUiOiJwdXNoLXJlcXVlc3QiLCJicm93c2VyIjoiQ2hyb21lIiwiaXNNb2JpbGUiOmZhbHNlLCJ1c2VySUQiOiIxNjM4MTgxOTcxNzczMDQ1OGI1YjI2Yi5jMzRkN2MyOCIsImxhbmd1YWdlIjoiaWRfSUQifQ%3D%3D&t=w&pn=hellosehat
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6b5b2caefd34d60c-MXP
content-length: 42

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7DD2 344 KB
116 KB 22ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H2 200 pregnancy-09025342.png
cdn-together.hellosehat.com/2021/07/ 7 KB
8 KB 412ms
396ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/07/pregnancy-09025342.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be00176be4473c549a05a06fc284e15186c46c81d430fc903b3b18b0a24d0ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=BLml2Q==, md5=NwphH/Aqhy1X/97iWqKGPg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9125
x-guploader-uploadid: ADPycdsihIOMabAX2P4FpyNFvn0HYJIh5Cw9psssACH9IgyVFZgDS2T0icC4Xh4zRMCqzOlwQB1j2c1t3dirmjm4KCKjO86UGA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 7575
last-modified: Fri, 09 Jul 2021 02:53:42 GMT
server: cloudflare
etag: "370a611ff02a872d57ffdee25aa2863e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2KitxqSwc%2BWEV%2FzFbZTakiZMQ8GQVABCE12Is5Qc37Bg63YLUgrQrce5tTf3uxMvN8ByJ9uAyy0CJr%2BbPMGuBKYqay%2FQXPM%2BIAjVXVnET06%2FADnNOVyVAAHOka%2BDMtWoNZFF%2FOEULgkx3MhZcyz9454IHbWiajxZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625799222638665
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 9125
accept-ranges: bytes
cf-ray: 6b5b2caf4df80f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 parenting-08134002.png
cdn-together.hellosehat.com/2021/07/ 10 KB
11 KB 389ms
388ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/07/parenting-08134002.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc6bac41e5a8a10a5cceb08823a125d9bab2b145becbf2eea0c03a7b547a8a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=NGKuJw==, md5=crN2ESqWyTwt9PJBpNFckA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12574
x-guploader-uploadid: ADPycdszVZW68tO-ufeFBWa2ESc57AxbHPfcqG17yWs8I9nHk8Tokaw4nhb8bYI5xLpPe6ZLi9qfK0NmVmkmfY14QRE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 10366
last-modified: Thu, 08 Jul 2021 13:40:02 GMT
server: cloudflare
etag: "72b376112a96c93c2df4f241a4d15c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne2Pa5fHWBqTHRuPA8ZHku6v6%2BZfFqBBFFYzQ4hK1pS8A0PIk4%2FpGYQ5mwYp83HrAJAP%2FS66ftesZ5pxqInA2YpWchSl20I6h0vp6CQ1342pBn3HRwMNSuWP4auPdwEUmYuuwyL%2FgIF4KuKVauRhNiJrjuARYhzSSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625751602480169
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 12574
accept-ranges: bytes
cf-ray: 6b5b2caf8ebd0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 diabeties-08134136.png
cdn-together.hellosehat.com/2021/07/ 8 KB
8 KB 366ms
366ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/07/diabeties-08134136.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49bf92a46b4b79c8c10edfd5ae84ff78edf267ae9a4e245946393bc668a7a30a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=bqO/7g==, md5=AJI6zR3kxjSKdgrTGSA1bQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9475
x-guploader-uploadid: ADPycdu-xXIAHBDkSQgOraezsPPiwAClVayk8nWga5ORmTCCLimGdhhnC_SB3mj6BpmF0csz7lJkH8wO4dLk_upaumxWnfe-kQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 7687
last-modified: Thu, 08 Jul 2021 13:41:36 GMT
server: cloudflare
etag: "00923acd1de4c6348a760ad31920356d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke%2Bv4%2Bdlur7LpxShrkKq%2F5INGBNCg8qHiF%2FcQih8XYdOYqLrhBwe2jtuOvkmbtFcqs%2FkNnj%2Bc7AWla2M1Ds78CW4zChZJZfsE9JIebJdZn5SUTaIdsTyzlK0NP4ioxoUWjeKuxiEYIbjmzvGJE59prpJRrL%2BVJBm7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625751696808163
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 9475
accept-ranges: bytes
cf-ray: 6b5b2cafdf820f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 avatar-04084004.png
cdn-together.hellosehat.com/2021/08/ 15 KB
16 KB 394ms
393ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/08/avatar-04084004.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3377d4797615d90b310726ec1f66cc791f270acae6691044f46063938359e1ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=8sHBeA==, md5=VKYH4CGyIlWxd91BVfW8QQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=19864
x-guploader-uploadid: ADPycdu98sacLw3F_QM6o8AYJBNl594clhPbH4FZr660wZNUhfnamHmzvDQtKuv4BFcLVvZquZcWFuODmEKdREbNHN17eRdpeQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 15848
last-modified: Wed, 04 Aug 2021 08:40:04 GMT
server: cloudflare
etag: "54a607e021b22255b177dd4155f5bc41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brtsxGB7B9rhVg0CIE2E4%2FKF%2BaN25HIJapdMWjjO2Oa8sBWtZNpvCmHjTbmUyfl%2F0MerVCMygMAE3y6dKGJlIEWxiUEjnrv%2F1ziEmeWP3dJE9309%2FsTVGhtWXAbzxsqBmcLRNKzcptUrgmNWuXBaYRIDprZCqT0lgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628066404230558
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 19864
accept-ranges: bytes
cf-ray: 6b5b2cafffee0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 avatar-02022037.png
cdn-together.hellosehat.com/2021/09/ 5 KB
6 KB 389ms
389ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/09/avatar-02022037.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52bed0242ffcc95334accbb7cc711bc5c7b07464c8ad34b3a245ca4e0e2730d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=g6QwtA==, md5=utVFdjUWhWW/vj74iEe3sg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6965
x-guploader-uploadid: ADPycdvvUL_cPkW01ecVXR_npRMOccBOtc42NcvSEyLAulRrTE5sMDaS96yrBe2u2BQudWNAO1g-gN0yGDXlKtpBkn8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 5033
last-modified: Thu, 02 Sep 2021 02:20:37 GMT
server: cloudflare
etag: "bad5457635168565bfbe3ef88847b7b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ixpvKpjn7V4IYr1cCZ%2F7BD7OckntK7jN%2B6APULW1FZxdapqucWATY9DBev%2B%2FKZoCL%2FMUqLAnrZtPa79PhuD7IYrDCql%2F7piGcz3P44fLBrVWD780VYl3FvBSaCUrOFgywMJikTE%2Bb3Xz7V%2FdRwwWoSQyuCwZST70A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630549237740703
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6965
accept-ranges: bytes
cf-ray: 6b5b2cb0082e0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 Avatar-30033423.png
cdn-together.hellosehat.com/2021/09/ 6 KB
7 KB 379ms
379ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/09/Avatar-30033423.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229f53b3aad663265100ce09043b93446b42d852a9e1af1fce1bef88dfe0a43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=XJ4hPw==, md5=pmsRgqEUQwVI4MuYUw2ZLA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9090
x-guploader-uploadid: ADPycdsFbXYg8etXQDH4Utmd0eEu9qXMOhHNJKJeEtbJAzVRO_b1goKxfUtYUOfe1uErndIU2ofUmad9jeNz6tBcEs0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 6231
last-modified: Thu, 30 Sep 2021 03:34:23 GMT
server: cloudflare
etag: "a66b1182a114430548e0cb98530d992c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HWRj3evg8BF29N8UzND88wagXimOLASfrx2Uo0D7Ew%2BBhnvkSPfK58q9BIwHdodHR2T%2F2jTlgTIKcGdjaFZ4nf833LJujhEhvC1KiqTDFmSBQ2YI5q0EnjD6HojmL9sKPUVK2DhxYkl7R2aK0P4bNuY2DoZWIjY7w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632972863298075
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 9090
accept-ranges: bytes
cf-ray: 6b5b2cb048e60f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 Avatar-30034159.png
cdn-together.hellosehat.com/2021/09/ 4 KB
4 KB 362ms
361ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/09/Avatar-30034159.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ff49a66a623e77f9c5c90b010dcb5d344f04bd86fa5a294af83b7d836fac1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=rNmPDA==, md5=hgDaQZBSAx6CJac8ZkHGRg==
date: Mon, 29 Nov 2021 10:32:53 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5084
x-guploader-uploadid: ADPycdtVVKukMytuSiKzJXcZEyaj5H3S33B2OspacMcJ6MzdxT9BkTrmw6UnSPWNeqnWlagnTiVo1hjUvEE1h5Rchs4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 3797
last-modified: Thu, 30 Sep 2021 03:42:00 GMT
server: cloudflare
etag: "8600da419052031e8225a73c6641c646"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n9Cqeh%2BYbP5Ya6rUIYGwxIzTChjD3rnV42nnhx4KVCUmygh6wLgvNHkfvT%2By75sRuog3Tvvmz4OYsO4H6n82n3Cm%2F6KeOIkH1UsVPdzV10g%2FtMuGv6oXH5gJpra6mdOjAsSKrLkxbsAGxcbKSuBCCKsKtiFuL0ZhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632973320125565
expires: Mon, 29 Nov 2021 11:32:52 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5084
accept-ranges: bytes
cf-ray: 6b5b2cb1bc8b0f52-MXP
cf-bgj: imgq:85,h2pri

GET
DATA 200
OK truncated
/ Frame 7DD2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613b0ee1b9104aadf7ad9f8f0521f17d610859e818aa6ad959865f4d99abb8ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 D-Pregnancy-08131918.png
cdn-together.hellosehat.com/2021/07/ 425 KB
426 KB 54ms
54ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/07/D-Pregnancy-08131918.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fdda2b62ec1c2cbb6bc0b77617232ce6ae40e0e6ea786cc1b4afd43b9fbb6f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=lEdJVQ==, md5=poAGfJ47PrFXtidmvLx0TA==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432
cf-polished: origSize=475947
x-guploader-uploadid: ADPycdsXphKjtH1v9t1PJVXi6BrKWrd44Cd95dY8bZb8x4MQ1wC9zKqQuMXmRc069PrlVAoiHtesAgohIAxTzN0LL2Wxm2wJ3w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 435079
last-modified: Thu, 08 Jul 2021 13:19:18 GMT
server: cloudflare
etag: "a680067c9e3b3eb157b62766bcbc744c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95mLXCuu3OPldwhdn9UbvDVXzfX4LBwDul721mlDodohr%2BfCR7GthuyBfTFWWbCxGFPO55%2BW0lh6CHriCtkvnUZXkkNZ8CJJd7110yzS6V1EG3hFPyjA3SvrISwoheJqhEQzw3lGAMQ5uzxKr7v5T2DDoWQmGn4MTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625750358593782
expires: Mon, 29 Nov 2021 11:25:40 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 475947
accept-ranges: bytes
cf-ray: 6b5b2cb1fd170f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 D-Parenting-08134002.png
cdn-together.hellosehat.com/2021/07/ 352 KB
353 KB 376ms
375ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/07/D-Parenting-08134002.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0d58f64b5c52b2453baae3f378caf2ac9d509e24f8e87ce130a1de12b9752e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=zFLtSA==, md5=SGAqvT/jJSKI3D3CYrJ+Uw==
date: Mon, 29 Nov 2021 10:32:53 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=386992
x-guploader-uploadid: ADPycdtajSVauTnjKJS9KIs-fBwNKvRMw84kQc4QwUg2h1qFV4GkIoqvutzNO9AcLODPKE6iGWutlsTCDpigv021lW55cRA4FQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 360674
last-modified: Thu, 08 Jul 2021 13:40:03 GMT
server: cloudflare
etag: "48602abd3fe3252288dc3dc262b27e53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vs8lZpGAXVZzip69ObYGREA%2B%2B23%2BU%2FDNdex9VJ0ywsgd53F07Q30DDFeQ9%2Fr9vsKO2UM2uCahCEG5Ly7R6RbWh%2FecudN4d%2Ff1jgGy%2FFx%2FuZHPRsF6F5GzO%2F5PBccHr4QrpgKcG196gfc0NxnUT1Za%2Fb0xRqIT5CFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625751603042536
expires: Mon, 29 Nov 2021 11:32:53 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 386992
accept-ranges: bytes
cf-ray: 6b5b2cb22db00f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 D-Diabetes-08134136.png
cdn-together.hellosehat.com/2021/07/ 242 KB
243 KB 37ms
36ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/07/D-Diabetes-08134136.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3190051c5efbb7302d601250dd82282bce1b59b45818950f605fade6b5493287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=dSLVGw==, md5=s2ldBjyYY5cWunvX9XYrvQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432
cf-polished: origSize=268540
x-guploader-uploadid: ADPycdtr-5nPrzXGjMrOZoZcQE_XbjJ45m6KCnD1boKmD-sUVei579JwyoVWejTpFbp5o-XTpSYHa6vUduQQKzpcHvJybrQDKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 247980
last-modified: Thu, 08 Jul 2021 13:41:37 GMT
server: cloudflare
etag: "b3695d063c98639716ba7bd7f5762bbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSVDzaxnKZ96UGn0EpmKhABx9pjIP6Axn%2B3pdl%2F24xB%2B%2FkpnG2r4U3R2gjHaN3u%2BfPJzPKSX5UuQfJnzpP3pn69HM%2BvqxredNki5zbO%2B6HQ08yg1jzE%2B6KuANhrgYxHfeMKnCEruU%2BJ%2FERACDXeJaf9RdxXaJLK%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625751697166204
expires: Mon, 29 Nov 2021 11:25:40 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 268540
accept-ranges: bytes
cf-ray: 6b5b2cb26e270f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 banner-04084004.png
cdn-together.hellosehat.com/2021/08/ 77 KB
78 KB 46ms
41ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/08/banner-04084004.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611f83ab8f68ec42b22e8cef3c1d1bda597cca149d1210c5d695e479a7817167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=aF0vWw==, md5=DKH5sqT7tdNPvl0G1B+4jQ==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 431
cf-polished: origSize=78861
x-guploader-uploadid: ADPycdsUwdmCG0KgXvmycfZg8zJ037l5_YDTq-hdp-rQEBJc2OgZT5LkjIZ3qodBB3JFSyoJjy7Yeu-3VATMNnMm2ZyB6VPIww
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 78840
last-modified: Wed, 04 Aug 2021 08:40:05 GMT
server: cloudflare
etag: "0ca1f9b2a4fbb5d34fbe5d06d41fb88d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yob1SZhenvf2YxkDYWxN4bUjTOPcpclKXPOYZYUKeOLGNpG1DLwWp3dCKQcJOtcLSJEYpkU8va63IUOAyrWnu1tq1%2FedSqE%2F1cYI3kXYLED5bk9ilt8E%2BjrkSWx1T4UwLadwprMmH4E3UnKZKUtAdu9ve6y9VCM9JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628066404926100
expires: Mon, 29 Nov 2021 11:25:41 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 78861
accept-ranges: bytes
cf-ray: 6b5b2cb27e4f0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 banner_Desktop-02022037.png
cdn-together.hellosehat.com/2021/09/ 142 KB
143 KB 55ms
51ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/09/banner_Desktop-02022037.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e35ab493bbcff39bed424f8ed65f380ce299b2218cd1ec082ed3cbe717bb52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=j+TqdA==, md5=fCtMmW6wNq7hF8tsSn+nrg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432
cf-polished: origSize=145802
x-guploader-uploadid: ADPycdunVqM5KQV8ADjRLlnzXBbJkHa9Pk0Ge64VEAVbCD9RekegAkmnYPQKeLPraJaNQuPEcxP7K0D1a4NrZ80SXMuaEOhi7w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 145781
last-modified: Thu, 02 Sep 2021 02:20:38 GMT
server: cloudflare
etag: "7c2b4c996eb036aee117cb6c4a7fa7ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcEdbrX1QtpgXi03YyGn5bpttIxQwVVnT5MB2%2BHgRirNaMncXQzNzoxidLSE5Y5iqmhLCe0OmN4NE5TIlgC6Iut64H6wnGM5A0A7y9jvyDu2flA3gu9VmPutkztALs3zcQct%2BrPFCEWcxEpuKvbMSkevL9xICc%2FsBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1630549238305557
expires: Mon, 29 Nov 2021 11:25:40 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 145802
accept-ranges: bytes
cf-ray: 6b5b2cb27e590f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 Banner%20-%20Desktop-30033423.png
cdn-together.hellosehat.com/2021/09/ 153 KB
154 KB 33ms
33ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/09/Banner%20-%20Desktop-30033423.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853c923bec8aafc3344bd9dfdf81cb68d62e7965207e45411dfa89e9286da360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=hZbXNA==, md5=HtAJcKCtXJCaTN/3NfOeOg==
date: Mon, 29 Nov 2021 10:32:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432
cf-polished: origSize=156934
x-guploader-uploadid: ADPycduuMhtXpScl1z7qSCnV_uCEUSpE3sdoagJ15905opJ8GVff9SY_YXmLrj4V4k9O3z73_Ty6kYlYwfDvDeylD59cz5cWhQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 156913
last-modified: Thu, 30 Sep 2021 03:34:23 GMT
server: cloudflare
etag: "1ed00970a0ad5c909a4cdff735f39e3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbyDssAsx8oRfCXpktYfBh%2Bx6HQcKPnBUKidIT7BKN7q%2FDVM4qXp%2FoGwQHx%2FDaBzY52rioCkPDeddiEuHl9BZs6HTLSesTs3jqxGsToMAS%2FKjg%2FOWeZS0IKwkb1QAMWdbo5VR4xXwTa9cVj%2BBXqJV8pKuzheOzNCZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632972863628547
expires: Mon, 29 Nov 2021 11:25:40 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 156934
accept-ranges: bytes
cf-ray: 6b5b2cb29e9d0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 Banner%20-%20Desktop-30034200.png
cdn-together.hellosehat.com/2021/09/ 97 KB
98 KB 370ms
370ms Image
image/png 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-together.hellosehat.com/2021/09/Banner%20-%20Desktop-30034200.png
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 296a20819f90b1b6469e4d3819d744486039a6fa8c85064e147368a8c8d840fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=YR74bw==, md5=L/d1cuVYKW6YPvbstpTTBw==
date: Mon, 29 Nov 2021 10:32:53 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=99351
x-guploader-uploadid: ADPycdtRKBOLxuxTiHTf8LC-jV9aLXYhyPAIL34gqfJJBlS0CrOI9DhzKOus7R5eFgx1P8btfSg1FoILy6GeZkh3WYstTfvC_w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 99330
last-modified: Thu, 30 Sep 2021 03:42:00 GMT
server: cloudflare
etag: "2ff77572e558296e983ef6ecb694d307"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YI8pkbOUhJhECiv5CTzgp1hE4RU5KOZkhgdKVEMYwfMJu3Vf7MqcTisG%2B43OrPY19khEtbMNiBr9eO7SET%2FAaPv6%2FhMLeTSSlcUvXoy0Ekn5DtT0SdQzOH%2B20lP258E3EkLizxHYWExsIuuBIJve%2B8fxXzKFAVY%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632973320425882
expires: Mon, 29 Nov 2021 11:32:53 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 99351
accept-ranges: bytes
cf-ray: 6b5b2cb2aeae0f52-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7DD2 107 B
122 B 34ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7DD2 107 B
122 B 34ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7DD2 24 KB
11 KB 331ms
329ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3209391782315946&correlator=3146779300295050&output=ldjh&impl=fif&eid=31061690%2C31063182%2C31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21849154601%3A21682272649%2CAd.Plus-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C220x90%7C300x75&prev_scp=site%3Dhellosehat.com&cookie=ID%3D9d1f06adcdc0aea1-22e1920513cc000c%3AT%3D1638181972%3AS%3DALNI_MYz56-KZKCtF8p5HwLfSgZo3Hv5bQ&cdm=hellosehat.com&bc=31&abxe=1&lmt=1638181972&dt=1638181972422&dlt=1638181972288&idt=124&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1006&adks=1352671502&ucis=vjk08m9yfqn&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhellosehat.com%2F&top=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=961788329.1638181972&ga_sid=1638181972&ga_hid=880833670&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6593a5f2ae81292c595372d6515811b76cf94a646253629c78bd595bd21bef51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C282 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A528 0
0 42ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7XQouFItOerZr79FW1s_RoV4YYULOzk8vVcYLV2OUeBEfdhhVA0MUFqAGpfbl64vsM0kdB4aAW1h-7xCZebTNvsvMhNoUOLFnw11zEuiH2gX_p9LsAnMZBHe9GSXjLipLd4IG9YTe7rrgwPjTCT1YtuX-thluFz-hQsC2azKmY6oJJ_HcIBxMqg2wxl_RFisZ0J_uUKknQXIg6RmYEtlc_D1ur04SxTeXXscTlyES7twP3m8PJN4roDyB14vxkGL9Tn8TMzvj3vwVzMSvt2MnEBR6X9uPrEeDSNwi0vBICENMsUZhxcSZ2kPVfpb_bjx7bm1Vky8p3atL0vD4rmoJBe6ppF4ofJGD9Q&sai=AMfl-YQr8FP-pTtLNWG0VF1rIgV--VnIGTND47xovvoHMU7e_SY7W2SNttl5Msr5FYTimLGODYwpB2IHfzeaunkMyY1co0cVITcq7CNLhOGAynOOY1kFngt85oqSKuo5VOM9&sig=Cg0ArKJSzH9a05ylZNHsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A528 77 KB
26 KB 20ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1058 / 435 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A528 119 KB
36 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DD2 0
0 44ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiA2OjqDYxslrJxQOQPV6YALM14zj8ER8Ufz3y3qp0pvzQhBHnrzQiJrltUUJDnK5KRSiK8l6FGpEnoWWPTyAe-0HEi8XDrriw066VgDTjuE0OaLW8idKQaI-Wl5HekHFfsBmPjLAjerQfWTPtEvQQxblIaNvTomyaF7C5v8OOxldpWsmWgiIqB_jQKXaQecuJOLv9qFylqZLEeqYgYIvNrYMTOQ32YPbjI75823ew0G56v-QmLGUgBna4WabHGlL7WrqC0SRp7BYI-vzhrHuuF-rVsP-NFi0r5sxILPt3BYsrswlvNNCgGVxecR0nRGneMcHDdI3ZC-g79123osHMUOflfsHan5YBSydr&sai=AMfl-YQhaThK4e6mEsS5EqfpWaDNiel24WKXIaewu3yVJfSLkuB-GoAfCGai6PPmenH1bTo9J56I4mbK8r_rfvZOMi6FDaUd69w4tsgReoJVralyVf2LCVCQODi8CquQ-WSb&sig=Cg0ArKJSzK8X92RBqkCkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7DD2 12 KB
9 KB 49ms
23ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a78749f78474f71d16df5831a8741ffb5bc31227b233d9f8950f716c8152f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9266
x-xss-protection: 0

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A528 344 KB
116 KB 17ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
DATA 200
OK truncated
/ Frame A528 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2621811a66be17628025ecf7b4ee1f2320d3eb3ace7458a201f7590faaddd2d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DD2 17 KB
7 KB 82ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H2 200 categories Show response
wp.hellosehat.com/wp-json/api/ 89 KB
14 KB 675ms
675ms XHR
application/json 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.hellosehat.com/wp-json/api/categories?type=all

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.23

Resource Hash

2aa406650d02194d02f50684cfed4d6ce76ea3c2fd17a643e1d9793d6d559e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6qf%2BcTMaLCfzZgcB9Qnq2dXNpLKFKpS6%2Fi5thYtAr2eht%2BfCE8BFWnFc5iuc12GWy4D4xc%2B9GoY6MmfcemzgqvSz2TH2FsWndPDFUkKIeQiJeMR5zIPMUthSKPSWpci1BSBtcym5Or3bYEFLqGV"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
cf-ray: 6b5b2cb05c2768ef-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame A528 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A528 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hellosehat.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A528 13 KB
7 KB 250ms
249ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1785235415665783&correlator=8894190589644&output=ldjh&impl=fif&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211129&iu_parts=21849154601%3A21682272649%2CAd.Plus-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&prev_scp=site%3Dhellosehat.com&cookie=ID%3Dab7518951c175b82-2294190813cc00d8%3AT%3D1638181972%3AS%3DALNI_MYwCzvU-1cZefyYoPxljnCxx77PbA&cdm=hellosehat.com&bc=31&abxe=1&lmt=1638181972&dt=1638181972548&dlt=1638181972460&idt=82&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1002&adys=1989&adks=913468945&ucis=i6hcxrhp4np2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhellosehat.com%2F&top=https%3A%2F%2Fhellosehat.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1105425684.1638181973&ga_sid=1638181973&ga_hid=1446038880&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

657c3b320182a15c3b15ea01814d2de305204ba9c6c18deeb0f3889ca78720ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A4A9 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A528 0
0 44ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss50_rK82PARXkrfSSqQxRxaUtRsx5JewUuYHwrLoBig9EUGYCV00SXFssuwgeayhUZ6_frSpp53rbOL61At067knSghc_hA22Vp2z9_6Fzb36mzlPJbDuARnj-cTNRtJRfZSr-9uNJsflkmzBIQNWP_kg84LcAn9vKPx9zqifQg-9bBWcRDU0x9RPvy5hF7buxur76VZBfMLE24pkY4fh_s5xTmuuT1wfEQKUeZPhe-j6DshI5UzSCgYy7cSxgII2psj9qKLPF_7yXidOgEZzHKvWOYQdtvMZMc7a8ag6L4TDMQfBWKo0R2Y1REBROjnotuvR6Pue8FAng6O79Y2wmX1XBjsW6U894gnlU&sai=AMfl-YTVf_gy2O8rRvn8tOWSjthvEhDso3mnlrOJ36GBUTnLnYVzG4bQbCA7rY0alxle-7Gf3_nLU6tugDZFX5lON7IMcR38l1l5AaDbpa7jYCD3vMnleQKPfiq524AauXIc&sig=Cg0ArKJSzGkD4a0BceAPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A528 12 KB
9 KB 37ms
22ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6fa42c8ac54f1c4a2f5dfc80224964a0032b062c4ab482a92cb6db0f8122604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9316
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A935 12 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 29 Nov 2021 09:13:48 GMT
expires: Tue, 29 Nov 2022 09:13:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C110 783 B
1 KB 45ms
19ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c81f6241c39561fb1df11797bdf04b68474113a5e532ddce80c409eecb9ab5f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JpVsfoMXU+kVB/4O7QR7SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 29 Nov 2021 10:32:52 GMT
date: Mon, 29 Nov 2021 10:32:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-JpVsfoMXU+kVB/4O7QR7SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4148 6 KB
3 KB 27ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A528 17 KB
6 KB 154ms
154ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H2 200 healthtools Show response
wp.hellosehat.com/wp-json/api/ 7 KB
2 KB 646ms
646ms XHR
application/json 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.hellosehat.com/wp-json/api/healthtools?_hasgroup=1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.23

Resource Hash

05b35c239de0094fdaa49335791909b5dea9cb64357d868e990602ad1e2e8262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNqiGSc9%2FqPFum7dX4Iv4bTZOmLKGzapCcA4PECMR2fJA777J%2B9MHXmEqTK33zc8K%2FAavpkiILpAG0FelYiB%2FjPBBbX5M1fp8BT8ieDyAZFu0dR2Lbtbvop0%2BtScFbneK%2FPHjpP%2FX4Qawi5Hlqz%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
cf-ray: 6b5b2cb11dde68ef-FRA

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame A935 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A057 624 B
838 B 44ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiG7oW6ATAB&v=APEucNUWXk4bJBUHqEBaoH_XSokdLY0KShACvLXQDNwjhykODbZ73SYlb8u-8dv293K9x9HPNq_ngenNwOVboyZbAAWZi3F8D89by4QsE29VntoFRvRACL3zI8hhzd4qsPlKOR-k4fmofkHoj2rcmHGN0Z9EFXhVULzlEyukObduAiM-o9mskDg

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 10:32:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4148 13 KB
10 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkMep3JvYu4_a8eYQl_W0xPRHC08kY3TYFOL1zjJNIy145KnpVxQ36K0-4wGyY4KmpRXDx1ZfOfwI6yj4xDLUuNMvByICEtTYovgHMyFN_sgzfxcRe-85H-_beWqKRzpgutyVEdUvFLsry3i5ZEFKa2pR9Fg&dbm_d=AKAmf-AmckConEoQS6DBHZF0Y_PcXXNM4KVYyFgec0_H-9kQ7Jb2VoVfwv57QDUmjdb7qXYMBYnvIV7xK0GDAtfTLwdsjOZzYmKSWqhq24P26zE3WrlJbecOiJeXG0joN32jDkEKhwVn6cob1VwBLvJIgShuguZUE-h-Xv08JPqCAOvrj1TikFR-zQRgHLSwSOqLVqu7BbupUSFK5F5JI99iFp-PtS6IvGxYuyX6I7oLZ1qjfHxFhx3wi1zRw47ZSywKJG4sx7oN-JGO8Bnk_zcOoNNBn8Qa-FIhOgTHB_5lcXz_g5kBrwsd92yJ29lhL6qEdIFA7GxmMKcExjaGNaDrPi7_zeyztV5jssa7-IU_5ma8m_Wa7DfGXudFe7sCodEuyiUMCJMlKm32J2EgpectpoOYGhxWWCxoF0PSSEVwB8cyXwvrAW_MehWsXGZ_Xk1zi9nyADr2IUvbi7gTJFdzVhUGKRzEetF2M9U3QZhBqY85kWV809uTVqao8gXjOw3j3u4Kgs1W3L8Ed-kbqB9M_Vi-2lQROcGCbBZdSTFXH7kMlIqh8QTIp_cxUX8RuOS8MZOMseT3-sm_4a2g4SaLF7gcQ9XE378yoxAu-9pzo-Svyql_FyNwfazCg39r5hwgwMXlZXc18PYuySbOms0lDfoUuIiYfdRyuNgdwGGsFOm0OkWBLuNBN5H1Y_q7e9wuzAiOzpEuT8FjZqVndTKbWbd0rNuo3iw-cDupyrdL6XPVk4DhebGojmcsZRE45xcQCr8A7p9ePDA51varvSTMNP00rAvQcgnN0SyBNNcA3zbtGmcdwXPWeoiX-F6odLLIruNBOMfcd5vGoMwchrfig-9fQZS0Pih5MhVWloVa6PrAWFq9n3MUKRjSwmkEMQoI1y4vNMFDKuhaVzupqc8bZfLGnOJjoTA6ifSFxqH0lAAnOanyU_zMEWw704j0T0HiTd-IJT8ieYaLadOx0qmFJ6_rZdCvQEZ6shbL3cxVyecZ47hKuHyfeJ3zczhT3GG2EHE3fg9-G_QX4uqHbcV9jDrh5gUZtV5SI4Br5e9vSKIjsB5cvpBBxm6DenJ85-FUmRZS7uHCum0h68vncR9dEZy3ahv2pai1-xpbUH6FiB75MRgN3ExMzlPGtpg37A18Rf6bmOtUwKgrkvYiyjHxWTP_MwRld3vSqVyiR6vd2oJFDFWzT-ACeYAkBKMDUUL8drjqcsn_WFuWhKXVDwSzGxgfP6xxB9K4nh7KoCPeGRZjgUHFYa5vT_AiJP3YxiMvXxF4WWyU_HrHTOBAYUK4iOjAHz-YDqsOJvvj4IYer3pEMYAlsOCa0qoJTH7jac7wnXMe4CanD7fAZR8TO3ABbPVJr7ge5XeyxKra3SSoYxBnOMSo9MsYAiHimr2kGTzsu-b8LdgfV3yiZ7Yitibc4UYEUV2De_1XMNS-5NEV3sPVTZnrXR_VXpttX4Ff7itXzm_u3YKDHdoAqlyaMiqY-YHowhOvsozgyC9PG0tGj42Cmv0swO6Rdl1rF-V3QHaMXD4B00EO7Qsg9aTSTk2WEHz8d9QqjbwypQCcbcK5wl6iBh466HMQMatMMSLa0x55o-QyJDG-M3_Aqatt1j6k8t624iA7YWpADYtSH8qFv3FRiy76RwgOXXRT14yaM2888S6b5dgtKcdf9AO-b4hk4fXvQoXVS5Bdy7XW1-GweWZHAwd_ttTHvKJPFxjWOdbYnKIo0DuFYTBZ3BLXNzLj3MwdA6X6u_58Tp9lgrQPkO-NmT7djztwLR1zhzOzdx2-H-xAQ2lBuomUirtCiLcEiMMFdoHtzznscrWT2diJ2TaecdPuDrO1Q3SXCsAadaY8sTqgf4qOR3TbmYAZP09AUvGHmGjgYPlO11aH7qsHCLuI7obUumVBVD6aRliYfOmLg4cjHUB2YAD8jo6NqqzCJRToMrtXHquzF9LbbzuqFDQXt1cvevWSiMZEXnEQ1RF2ACVtmLfuLQ9OvyN6kiiDtKOsy4A4ZHhsLJMFLqmhrRVc4Y6_01n36dmGv1eK-hFEhlA7tpV-_-8URUnywuunrwvBL8BhHMtQextTPR5nOmeomYwVuO8qZf3jVNgysgCHyJ80baOCbnrueqMVH7BNfRxNBWfVgbSCBKitE3eSEetSMO63N7FQVF3qiz5fVcqwtS3Je18Pgu6T71pKqhi53uuEnh3LUk4maCJ8PRV_i4Tvvy6JtbX9ICUiqTyNABioU794ODi1DJjQUYU7ldMEer5OZhgtN-407fSjmF6W48WL6FBqV4NBM5BeOXGUT8Unn97--5uk1x8atIkr0aKOgb06XpDKmP2xrhwQW6_o5807eba4pmWiqNHjX1uRn27oTBMMrzVpGU-5mOXs9FyfJGIauQI3F9B74kDcUfJjsxqup3VHyq2355tR-rSoU4paRwLHJu_2LXSXuZuQGfFF_Hj8k6r8GvsO0rP28DQCZ5UulK5bj0Bx9eUXgOVSgz2ndGg0KbcMExLYHZIU7zXjP-RhrFmysVssT2NF-6aJ9odxrhc0IJE&cid=CAASFeRonstSOF8bEuHEWtfqkHwGXI0dyQ&rfl=1%2Chttps%253A%252F%252Fhellosehat.com%252F%240

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b8b3032c3f782f180b24c052332d87873a7376fad8e6a6eb2bbc7b1d28a192a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9588
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4148 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cn8V093tGL26RLDz23phdZDhA5rUfdQkXfTNFQYCEcARkhQrNEsK5YVdmael-FktEE3hqBh9UOtkE4SGZNt0xQNBFMge3gA6rMPavOQhd_VMPfHF8

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4148 40 KB
17 KB 101ms
45ms Script
text/javascript 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUI2bpVFWT2e_x8qibqUQjsp58JZI8fD88p_Jx_OPp1msaL9cY&d=CnkAoCZ_4FGUJKj14tv1HNgnzCf1fVe3vHvo4vVDqLUjQ865wOduogJ7m9_Q2zCOuMJiDAoEuKBW9RKwfuVMziTSy83qs_kJ4uzKf8rUzW4DrwvbN8NT1NsgP8BUBqqNL6GjLkip-EryzSGkoX95QufIOJuUNNsh5BrMEukRAKAmf-DgZQLyg7XvPDE6p1gQa906pIF4ie6nAPEKCwJd_CT15I6XORjbci4VpIE6YKR9QEr_3h52SdftGY5YhbQqDoY4l7nEJt_IoJ0StyHx_M_3HPHyXT9jRn361DpK3buKJ4iduMRfPTTenso6fqCzW9l1stfzubD7fuGR0z_HGIgVKC0gDTmlRipa0-FZvAfRF1NvWtXfdlN9Wpy8VXKLf1vcfDzaHSBjVT_ur3p28RdQ0pL9G16iY9sOBqJZsikMVhBUt_H_JiNMwCnGGqt3R9e29st9vSegtS9jQqn07kqSTRwEsZVTsYV-E76iux9dIswVxoLgrpkkFVQ3crPm84_6_yMOEnZMoVEZfpmXpesmI2Vuu2gj_avuUVnUNDxGUiv1_oNoIn2bYjQBLd-UeEFBFVsMvORhB1X1ifMAONMVrV_Zis_rBV1fmXuR70rMeOoAq3tVsnGQQJsnMgcksrr6Sph1BUlZ_FT87kH8OKsiUqdwRxFQO2iTWW05Zr1vgBCbw7PFQ8T0P87GabATTeqXLZU8uAZpdNzNpkraIimfhcBN5DxsT-4M22RFjaI7FXm2_APRGaob6aRo9PTcqSv-3YwJ8_UmnOQKuuyunhTklHm8ETZO7yf7fRg7-8SpyNPnnzSEgh5198dkVU_MS3PbtGGCUjCXBHvWuZUixPXNoxSXgTiC61zEQX586FmMIjqxCubTyKiPUDlOBEZJs_7dQRfMHDLV8sqkkstXjxqBWGiCEzYUAlXcLrLD1siD1K77c0AXBs7sMbsbXuN1iRrR365Gwfsw-1QDhIfsjRUBpcapZorh-bZBDgw9TE3pgyjpRXXiT8Fw-DDTLvwprE4cpsZ6L2ShaGdlKJ9A2r1k6BnA8mP-vx1sXYW0P9j4EVPDoa5pp_zjW7NjPP0UooIn4ccufOQQY7Pdvov6b5pS4CpeAXNmMOBbyEqxAax7tMI-waDULYjim3M1C2MWt96XMieevR7bOWXGw1x0cVzoysK3D7Cbg5X7xecmZG6nXfhGpQzvKBTUAXxwSsNz44yD7wuXRFPnbJzdQ6O-GzsQzNtr2T9zxzZ3Yt62diaQ1zmUtNmg-JOdo_yUoX2qpu5ZikRzkv640SfoynBJDWOfo0B3f8J1bOm9_akS5daA-n9bh6hsjKCvHJ6wrzmtv3ZIJ3L-z6cgbyRupP20hwGFFWZD2DayHzivAfZB6c9JKvVhpvmSHty425qZRNrRH9cFQkaSTBIX87uInQmJnqLTPMjq0VpuwKte0Gt_60i0CzKjKXJbVF39l6BxF-WAagMXepFoEYP7TUcGvm_2dvLRnTLjAG0Fcf1eBV-h6q5EH5uuhr3TBh3OanOwVUPbb4o_EadET8jIQtxCWfEl1p6branO5x7GFEdOBCrfGEF4bga5u2aP13t3CwdH83FcwoeFo8NrTedDFdE3HcZYtp_aFKmCJJLlrYQfW96eGoZ4gENV8zgiY0xt7j8P1Y1tFEd8Fgi0zTOiDFFqaImkhjOBkF89WvltKbJg0WNDxqbdfdSfbnNmz1ceDYYhroIQwGgkUau7tMWly5EQ0O-dPiGxgjStTOx-jfP1zBjmUB_94b-0YA9Vu1iY2FHFgh_36tBrjv8mIuGe_Zq4lbBpG3xshdFvJHC4q1250JYabBqtaGIeH6H5rrcezbmDlu-ykNXcpdtb9pFkTGfHvSxhHHJBaIT2l7mcwQTfG7rkqYt86uSIcqqTRctjUPGEJCle0eYzZMzGaIHMANuT3FbTB2JE57PwsC1I5WtY84MK31hzJLEHiMPIbKsDmAJxjgaLwx7YrSJq-3QJOnqhNTjykT0Nn873K1w1pmHt0zjjTEmmVrxO23jfk01jIciOh15jvdOPdrFjOvh9bFnkmhwanmzG852XAvTYxjtKUMK6afYAodI43dzyRyR1hCE53ZKHhPmX5Cdn7drYUmFk05ka0HKnAIc5GZu9pcCsSV_w7vj-NXYeA01ZVDOi8eEyNxIjZ0p59Z_zkkKqtHs55F14KaSbCGmR1wQPgpys2afwRzXXw04NE5JqO9-To8tGyKDBu1q2051JRndE_VeHOGTpCz4Y2rZViRb0SuCEZi_7vPLMI1uL3x4KHIPqiFVbSbLm4KhqCBq6fOPHtH74_q9mPj8qH1gJEZskCg5zYhJwT9nZZcZ3CQHG-9BMVHGjUjr6_6pV7Y9vQL-sIaM73LKVV00zITQoz9FeODxKXpD3P8nbHHg-xNyQDWb3Aj-hzrIDFvo4GmGDeB9xBiiZHeGmQMhYV2SDYjIx2h_1IgaKq1HZQp2B6KebZNBWnujZcmi15IfHwL6TIripkPsrrBWKW-TmWN2LlTe8QquXsWL33K0863fOSRBM9uYCY4XKG5ihYzWiJNkpsP6jwGFqDpLEcqpHhk5mb3tCdjk3aiwGL7WVUXtemesSa8f44q2tdO3CBI1mCea9CjI6459enP8s1hy4OXj_mSs2Y9DHx6VkLLDnCH8EqFa1aG2P6Thfx5V8NpuEK-lXoj9b3A4FJSRZ6OwrMteDBh_iOIrMEkD2qGSm9z5ovqGxB3gppw6yA0FwgAvem8oxFbgLk-NEzOshBtcsR2qVyXRw_hBz9M2WMH4xBEPd-ZLFtyuqVRlj9dRIxhWoDa1P_vfVaVVvBrUJCbmQuFJyzJghE0e1DkHdUvmFlEmyIkfQJO5RzTXiXqbEcrrG0g3qhKiGI07thgcqODw029NTZc72tT8RaC3q94aRI25kgg_4q34PdMTSMtbKnjKKK9mOYLQ4ovr3RfbT6BYZjVJ7jW5JlpuWdqsCzaSVqwaGAW-ys5sb3D5TJEnJ6kr1TA2Knvyt7WXXfEUyXbZ-QrBqUDBC_jSBtHFbKQpKtaQdpGddqfiQRbnlk8GZfH54IZhYc4qJaF5Y-RL-jjLtlSAPnHJcIaKxnxCrmP2fmqp6K5F1CoTmVC47wyFbBoCoj5L6Tum2INn9yICnP_JywVBAross3IzBKAJyQC1RMm4XPsuF2X68T9MaCOh8XgzH5btaJBoZCAASFeRonstSOF8bEuHEWtfqkHwGXI0dyWAB

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

ef455a6eb787f310a2c3f2e20e475358dd8c72153ea39017f06e4dc6c673eac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 4148 27 KB
10 KB 50ms
10ms Script
text/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Requested by: Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 043a7073a89a2f00029f1355bed703a3bf91b369a84f70e18d2b81fb61450ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 12:05:24 GMT
content-encoding: gzip
server: nginx
age: 80848
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fBfKfO_fpQy9MDhKmXoUHhfc6s0bUamnzYu-ZhJFqy-Qu6_X0jpfQA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4148 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4148 119 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4148 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:25:06 GMT

GET
H2 200 v2.js Show response
cdn4-hbs.affinitymatrix.com/hvrlib/hellosehat.com/1614856472/ 35 KB
13 KB 751ms
195ms Script
application/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/hellosehat.com/1614856472/v2.js
Requested by: Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/hellosehat.com/index.php?t=291010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b.bitgravity.com
Software: v/6.4.6/6.5.7/v61bom1-www /
Resource Hash: 03d01210ab20bd2a0617aa0f7090f815e10d238258c72188161042784bd9f60f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-version: 9
date: Thu, 25 Nov 2021 11:57:04 GMT
content-encoding: gzip
server: v/6.4.6/6.5.7/v61bom1-www
age: 381094
vary: Accept-Encoding
x-cache: HIT,v61bom1
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-tata-request-id: aae8dceefe36ce6ee33933228ceea341, aae8dceefe36ce6ee33933228ceea341
accept-ranges: bytes
content-length: 13319
expires: Tue, 29 Nov 2022 10:32:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C110 0
0 60ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3209391782315946&rc=
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 container.html Show response
d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 802B 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4148 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkMep3JvYu4_a8eYQl_W0xPRHC08kY3TYFOL1zjJNIy145KnpVxQ36K0-4wGyY4KmpRXDx1ZfOfwI6yj4xDLUuNMvByICEtTYovgHMyFN_sgzfxcRe-85H-_beWqKRzpgutyVEdUvFLsry3i5ZEFKa2pR9Fg&dbm_d=AKAmf-AmckConEoQS6DBHZF0Y_PcXXNM4KVYyFgec0_H-9kQ7Jb2VoVfwv57QDUmjdb7qXYMBYnvIV7xK0GDAtfTLwdsjOZzYmKSWqhq24P26zE3WrlJbecOiJeXG0joN32jDkEKhwVn6cob1VwBLvJIgShuguZUE-h-Xv08JPqCAOvrj1TikFR-zQRgHLSwSOqLVqu7BbupUSFK5F5JI99iFp-PtS6IvGxYuyX6I7oLZ1qjfHxFhx3wi1zRw47ZSywKJG4sx7oN-JGO8Bnk_zcOoNNBn8Qa-FIhOgTHB_5lcXz_g5kBrwsd92yJ29lhL6qEdIFA7GxmMKcExjaGNaDrPi7_zeyztV5jssa7-IU_5ma8m_Wa7DfGXudFe7sCodEuyiUMCJMlKm32J2EgpectpoOYGhxWWCxoF0PSSEVwB8cyXwvrAW_MehWsXGZ_Xk1zi9nyADr2IUvbi7gTJFdzVhUGKRzEetF2M9U3QZhBqY85kWV809uTVqao8gXjOw3j3u4Kgs1W3L8Ed-kbqB9M_Vi-2lQROcGCbBZdSTFXH7kMlIqh8QTIp_cxUX8RuOS8MZOMseT3-sm_4a2g4SaLF7gcQ9XE378yoxAu-9pzo-Svyql_FyNwfazCg39r5hwgwMXlZXc18PYuySbOms0lDfoUuIiYfdRyuNgdwGGsFOm0OkWBLuNBN5H1Y_q7e9wuzAiOzpEuT8FjZqVndTKbWbd0rNuo3iw-cDupyrdL6XPVk4DhebGojmcsZRE45xcQCr8A7p9ePDA51varvSTMNP00rAvQcgnN0SyBNNcA3zbtGmcdwXPWeoiX-F6odLLIruNBOMfcd5vGoMwchrfig-9fQZS0Pih5MhVWloVa6PrAWFq9n3MUKRjSwmkEMQoI1y4vNMFDKuhaVzupqc8bZfLGnOJjoTA6ifSFxqH0lAAnOanyU_zMEWw704j0T0HiTd-IJT8ieYaLadOx0qmFJ6_rZdCvQEZ6shbL3cxVyecZ47hKuHyfeJ3zczhT3GG2EHE3fg9-G_QX4uqHbcV9jDrh5gUZtV5SI4Br5e9vSKIjsB5cvpBBxm6DenJ85-FUmRZS7uHCum0h68vncR9dEZy3ahv2pai1-xpbUH6FiB75MRgN3ExMzlPGtpg37A18Rf6bmOtUwKgrkvYiyjHxWTP_MwRld3vSqVyiR6vd2oJFDFWzT-ACeYAkBKMDUUL8drjqcsn_WFuWhKXVDwSzGxgfP6xxB9K4nh7KoCPeGRZjgUHFYa5vT_AiJP3YxiMvXxF4WWyU_HrHTOBAYUK4iOjAHz-YDqsOJvvj4IYer3pEMYAlsOCa0qoJTH7jac7wnXMe4CanD7fAZR8TO3ABbPVJr7ge5XeyxKra3SSoYxBnOMSo9MsYAiHimr2kGTzsu-b8LdgfV3yiZ7Yitibc4UYEUV2De_1XMNS-5NEV3sPVTZnrXR_VXpttX4Ff7itXzm_u3YKDHdoAqlyaMiqY-YHowhOvsozgyC9PG0tGj42Cmv0swO6Rdl1rF-V3QHaMXD4B00EO7Qsg9aTSTk2WEHz8d9QqjbwypQCcbcK5wl6iBh466HMQMatMMSLa0x55o-QyJDG-M3_Aqatt1j6k8t624iA7YWpADYtSH8qFv3FRiy76RwgOXXRT14yaM2888S6b5dgtKcdf9AO-b4hk4fXvQoXVS5Bdy7XW1-GweWZHAwd_ttTHvKJPFxjWOdbYnKIo0DuFYTBZ3BLXNzLj3MwdA6X6u_58Tp9lgrQPkO-NmT7djztwLR1zhzOzdx2-H-xAQ2lBuomUirtCiLcEiMMFdoHtzznscrWT2diJ2TaecdPuDrO1Q3SXCsAadaY8sTqgf4qOR3TbmYAZP09AUvGHmGjgYPlO11aH7qsHCLuI7obUumVBVD6aRliYfOmLg4cjHUB2YAD8jo6NqqzCJRToMrtXHquzF9LbbzuqFDQXt1cvevWSiMZEXnEQ1RF2ACVtmLfuLQ9OvyN6kiiDtKOsy4A4ZHhsLJMFLqmhrRVc4Y6_01n36dmGv1eK-hFEhlA7tpV-_-8URUnywuunrwvBL8BhHMtQextTPR5nOmeomYwVuO8qZf3jVNgysgCHyJ80baOCbnrueqMVH7BNfRxNBWfVgbSCBKitE3eSEetSMO63N7FQVF3qiz5fVcqwtS3Je18Pgu6T71pKqhi53uuEnh3LUk4maCJ8PRV_i4Tvvy6JtbX9ICUiqTyNABioU794ODi1DJjQUYU7ldMEer5OZhgtN-407fSjmF6W48WL6FBqV4NBM5BeOXGUT8Unn97--5uk1x8atIkr0aKOgb06XpDKmP2xrhwQW6_o5807eba4pmWiqNHjX1uRn27oTBMMrzVpGU-5mOXs9FyfJGIauQI3F9B74kDcUfJjsxqup3VHyq2355tR-rSoU4paRwLHJu_2LXSXuZuQGfFF_Hj8k6r8GvsO0rP28DQCZ5UulK5bj0Bx9eUXgOVSgz2ndGg0KbcMExLYHZIU7zXjP-RhrFmysVssT2NF-6aJ9odxrhc0IJE&cid=CAASFeRonstSOF8bEuHEWtfqkHwGXI0dyQ&rfl=1%2Chttps%253A%252F%252Fhellosehat.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A057
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1

43 B
1014 B

44ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiG7oW6ATAB&v=APEucNUWXk4bJBUHqEBaoH_XSokdLY0KShACvLXQDNwjhykODbZ73SYlb8u-8dv293K9x9HPNq_ngenNwOVboyZbAAWZi3F8D89by4QsE29VntoFRvRACL3zI8hhzd4qsPlKOR-k4fmofkHoj2rcmHGN0Z9EFXhVULzlEyukObduAiM-o9mskDg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 10:32:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 10:32:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A057
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaSsVEjljdCWLYe8LLUrFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1

43 B
1014 B

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiG7oW6ATAB&v=APEucNUWXk4bJBUHqEBaoH_XSokdLY0KShACvLXQDNwjhykODbZ73SYlb8u-8dv293K9x9HPNq_ngenNwOVboyZbAAWZi3F8D89by4QsE29VntoFRvRACL3zI8hhzd4qsPlKOR-k4fmofkHoj2rcmHGN0Z9EFXhVULzlEyukObduAiM-o9mskDg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 10:32:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 29 Nov 2021 10:32:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGxAErpTVIQ__Vuug_nc5g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A057
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPIxcL4Dcwvn71mRX_JNYCc&google_cver=1

43 B
1006 B

34ms
13ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPIxcL4Dcwvn71mRX_JNYCc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhiG7oW6ATAB&v=APEucNUWXk4bJBUHqEBaoH_XSokdLY0KShACvLXQDNwjhykODbZ73SYlb8u-8dv293K9x9HPNq_ngenNwOVboyZbAAWZi3F8D89by4QsE29VntoFRvRACL3zI8hhzd4qsPlKOR-k4fmofkHoj2rcmHGN0Z9EFXhVULzlEyukObduAiM-o9mskDg

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 10:32:52 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 448a2933-90b7-41ce-a2dc-2ea03458a14c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPIxcL4Dcwvn71mRX_JNYCc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A057
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3MTEzMjk5ODc1NDQ1MjgyOQ%3D%3D

170 B
188 B

21ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3MTEzMjk5ODc1NDQ1MjgyOQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Nov 2021 10:32:52 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4fd26c09-6a09-4a72-890c-f5cddce6b6dd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ3MTEzMjk5ODc1NDQ1MjgyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FFB8 640 B
316 B 34ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNUjBAmPraqEzHS7_jBwHyl5BigR7v3AxJfQrxDzZNcZU6AheSQFV3klm--n6oVzu7Z3B4xeOjnvIIeEA3r87W004AzOvyQnMNZNLy23-oxX8IDu3l_laH3d2bveaoH8xIcpz33EpjoreK9QNFvY9a96hT02FtG10uz2z_3J8cRiEiDN4_s

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 10:32:52 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 802B 12 KB
9 KB 59ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoPL-ZiXh3qf81FC78U0MpccQeQPrP3mCvJs6ADskkeI4WMeVWhkO28oeBW0QDizzB41MSPwDfJarE9ljVeTloSMOJc2lop_m5OucppdU3_vKs9BzVTt7N1PI3SGfSR82wC3imw0yClOrNccex78Zbz2vWWA&dbm_d=AKAmf-BFidfkbulJ-xAgTpqyprmsvDpeQHGrWYYueK5ltvj8ur5CAHee2a8XRWtRe2NcdOsz8K4PoH3VN0d9XaMYzJpYvmCYiJRSJh1hKHg-q8h7BhhtwfXQBPSKdOYLnonX7krYipiePf_1dw8zjj6I9Jqy55KrOivPODsod2lAYbYXSaHQc05uYIkmp4gXZ52atVvi_irkSzo0Ed1s-5Y4j5Hr2jwv-xqcba96g8Pm-RTB75AoCMZI_q_UvAj6O2HYjFZohdM_b1updwylnUgWmoV5NbqgFijNppAcIAPveftEC5IW97KS_KAdR6yPFXAGnbylNjSs2A24mXRhjZcfRuQSp6pW6lDRHHkzZ3DWlXQVFwsYJolYTnM1yJvUadkM9HxPDzaKnAx_tNq7wNYv_U_1tvA64TBGsB_X05jXRh2A3_pCu9kMNCmuR_gSIlmLEpnOomcWMhIP7354K5TYlni43u8QKrCX3zTgmxEJFepTGs-gu7OHMuMNbIiTjAsu_g13PBaUIeUnDZk0HNJUirBMEGJRo6sAshQEG67QdZRZLus09-socqF22qRtaXzVYdHrOZmTrP-GYkvCjm-F-itANpZtUPy_XHGc7DgEZNuYkdVNz8bOFjuAKwHZqXw3Pl0b0tIsSjibmq6GwV4s4l-cC5m9zSGSvIl0UBPqVABnEWU6jZGf8ar0qzgpqe0q9Fy9WtqFkzi-b5PrN7hjXNgaiO9VfxHzSd6Lb63JK1--vkc8_7UKmHr4u7fh9tXvjC6HeqZ7lW26nSL21s4c4J1gruCU__PDOPva2RfmVc0qaZAiNV71ZDGejaBa09lxHUohqaY5IaRMB4x0QuFobTt6liMRQSSJlo3I9IPhZW-z_Ny4T9SLlPcEhYZ87JeJjID84poQw_B88dCribbKlp97G2LrxwbckVPyLjSR2Rqb4m1lPWm6PVhg-1aQAZTACwENrN8hcbGOHdx-aPcwhJ_mkkd05yMrFmBGuzaCIJn03txB4YRfL738Yq-0M7reIyIhX0eHgX_djaUfPpFUx4GiX8fk65_lOvrXjEs56NWXI-ry2Jsm9cykIWGti1qIQdh8pzLb2MMqg8gr7zsC_skaUS-fc_vBNIqnUhGXrL-jYvMAZlQGZZWEmhwrUzAr5LUUwfeliPOcWB-MWaosLpeF_4tUaLBo8q_gH3RtspCWDND_7CRcVqgY4lkFJ5uZMShL_tmjXU9VWloatcHXi0ley_3RCihe5jQ8vzhakYrYaSDwdgh7datGHyIkhqYsNGYyIM0jhTGqUCpEgmvf3CFlVFC0yfTu34TOzjV4rHpPFdnR0Bw9YuzphsrConjuB4ydyYJtYfcKxNumP2FES0dnPYjN2m58FsLiV9_Csp6JjunKBlb3Je9hmbT8VzK9EeqEmrpG3vOB500FImgPf9_xoRvFqfMwBf-gBmu9BGHRs_0ahrRTHcv1km2xR6PYqN4MR8u22dcmV06lhvVmB-HXAq5JBmr-zBJCDw88iUBn74KLposEKnpz59Kt1HuKQSlDbkwS1LqV4AJTmKS8nCoyeBsJlssaq_nin994P47xi6yU483nTlUBpIodKPMFFnqDIEPap-kaqYMPiEm9OanoxGsVRLS885eWdrh2apjn8ckScAbaMfWQLuR72SD4FzaLyrNvjqRrvSEctv_wCR_f9fmM52FgqqRbiXbsx0iKeYmFUh_NGkZWd0XLnV5IgP8ir8wm9xGEUP2P8w1rKiXDP2nIeOFnWijjdrKw1kRJ8BvUjGUEPE4sqp0aIugJxA1Tfjy4T-HlasXgfxQ59FcU3wV5B5OPJvHkRXRomGu9f7RHbPUVH84BmVGNiP9vjLq8_bpU4s9UuwtqGhbAaFIyPGn7PxDMHQh_a4xJ21MOEfUSwSMsygR10UCyPot6MkyWSgr1tF_M3aJKLdqZFuXI0tso1Hk5E8eZyaSmrwIquBDKkG27HF9Qu9UEeOtQZoYT2bDrJilnbQnIUCQ1YxrmHMFxZDd0jnKMWr80kO1olggyK_m3piJ1dDhgJnqglmPOahax7E1FPTYCGbeSqjmCNrmiL4MQ1CsY9_ZP9-L4Jp1rRf_Kixl44npmeYtsTuK7qr1gKHtLrnbOsv7lKxsXktYPrT_jOONFBoOyrHyfEbU2x0_qiDmeQcUgj-6H8Q-RT4sJ5sSTVlT7i4q3VnWFx8mR_ZeIVGn3QrlDvMOrc6_gmdfnRxQwm-Umgw35wTz3OxT7bYqKoYux0FLmjhDPxiQIHNg15E2D8NWf_j9jHVRGApoh4xza7HNIn_9CbPTYmKd2shPv8TXPv20cGLdgWkojqt6eeedXCOB44H0-DMyU8zbL1C-5lX8ia5QA7HsYm_bvcD9LzwSSeeCeZ5FFSedJ3XJCDcv528sycGPi-tEy96b_wUV7fUcJcmlaC6tlJuEvwoqrPCiQq0nMlUoOJLjmof8hUUWYGPVINQOsty00Ls2e__Z_cr3s2UDYEEtmryXZe4jqFRXEcUk5oHyf7Bha6rQNyqRykoacTxKU04UMMNNcVySRfItW7KgYhGwQ1RXm01D7rLrQ3MmgACYkvmedT2Oy0r2okS9nyioLv3snUbiVsac6oav_r1GIoK3xSYXao4wo5YUf8HdFbp0mbOKa3db4XEe1eeJRHs9gYoBw-8JJaZbxaGtG8LSxr0UM0L_xFJ0FTziLtoAwC15xDSqBHg&cid=CAASEuRoSKYQdZzFPLY6duVLDbu8bw&rfl=2%2Chttps%253A%252F%252Fhellosehat.com%242%2Chttps%253A%252F%252Fhellosehat.com%252F%240

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de968f76b38b39843f4aef49513c6ce95bd19f117f76d3b04ea23551f3b3fa92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9474
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 802B 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsKNv0PhqVc5Tbl3QXdttBX2jGxIPZprCKxhlDENx65ejMmvC8dDGmwgE3uaWlN7iwSX0021jKbsmbWsvwS3yDIHnDjU4yLH63UCIl8rg2e_EjmYA

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 802B 41 KB
17 KB 67ms
45ms Script
text/javascript 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5ov7abRbc_INaa8Cy2nnVNcb5VFBxo13TTxPG2j_HwAcGjIw&d=CnkAoCZ_4PP1Kb2DxnJwAHct8KMPjnqbCzNN-EdM0GqZKnn1AEUzaBnbnnkH7RJg9uEJGJO2GcntpRVhRd0co_5LjOKvVnO9cQ2it0puo4XmELMymtDaV4kyQuSgqFyfn7RTzID1XMqKTkGZPWxnDW1bE4unsCnh1h7rEokSAKAmf-DQV8cOeE1B3v9H0pNOzS-eEzA0VXaggkkMnHn9Fyoen1TehjxUX09X_SmoQbTWQ6bYDenH9CRtr2UDZWfDXACLNURrJcOiKVCYyQ52x5wzW1cbGmsT-m-az3A65IOx_ZdsYSOjFm-HOFGPlBET6CIkYxDuzxFdJp6rq4bEkvOpJfUYJ4vn9y2dGMNSnJVCeAr22yfsF-NsdExVJ_phSKxWTFAwbOE8zgOa0v4PTU0eu7b99plUkvQt3yCMr_gTJS2vJFyANO1a1aZLvByfIZulwuj7261BQSI_xVmAs7d_rC8QB-Jjmxm0vy6CaViXFS1wciWgaZpsXyhR7I_QGtIxbB9tme7820nZCf_TVqwoZoJUglvHZNvig__w2sbRhNXe4QyIxlzBRYWkmKfXZhsKQkbLPg8o90qOzm0rsz91OlM4MoLPiqWDdIaTzZrYLCwqCNwezqt5AHH00W0qy6-hjwP7789RRMjxf6LYL_qXLBCBfODp21OGW0uVsrJZILDx_aqBi9ZKbEomu_TciUv_Rvw5v8hYNE-YhAaKHpwGEQFTjKZrACWjrdHJPvHI0h0gVLAF_UZwViKTD8US94LOonDoa9T6LVcSj0T41IOb8tYiyc8NjCM87TW7IXGgg8BCdwmZ_vj0VudXr9_yjzdves2udq0sh0Il_P9U6EiEI9hwmk_ZhNue9N8Ej_PZd5wxYinCCyqM2iDtTJ0xl-28iBdwcPkExIPOAs__sq-gNdvjOi22xn23nV1T7XZN8ihk3wJHw82aDUpdGVgiboSc6K2035C4c4winKN996vJVheiXGINrQurw3kr9ZPBT6tvRNpeaa2cw8LAFvhBe-owygPBUYX3Y0IFu6pNfMe1VujA0g5-_ZBObZnE19J__-SjN5lsvpfocgc6Jo-2F9jqdm1SIK9j36QYtNi-JuPNY6HWO1uOc29WyALZPrZjo5VE4cevrgduXe_ue5dADY0RiZpC6r2tFPlXulXHZoLpvv3whNl5-Ivjx1cSj-M1T3Ciz4WOnYlhwIqEJngzLxsf4xFmaxxyc_g-gnJm5l9_aC3j-3cSBrvsyM_lWRw7qXMFE5150KEwUe-PwSRqATvKNiMehGAK1Tjlcb_lLFAMptXvBqcEDbnpD2xwBh5ZRWu9N1J05ozh0ronhwir7n0P36Ltj5Vi47xJfpo30CQZFxBDgXiLZ4Ol1gArm-SLWq69R29RkmB6-53m_WQ5XeE7ZvlzMzmj-5txpOfkVwECzhYmTLPuosGDGYPGJjyxZJjva9ZSOxh9mPoeLu4uNtEUIIhlXc60Wabbd03_zPKbDpHURuPI8cSVXjnmi5cnD-xJlu7oOdD4FFlJhB59RUo21uQ5lSZ5-23nH1s9JSvWk5zWsIFhZLXTs_vkbHX6CerX6dNwaa8GEnyDnZnqGdYf-kqIOfR-L4WbDF1WZ-9kN9Wyj6nTPKdukXks-VZc05dTeHpPUTxWpiHdMtkfdLLlkDveB0qGE8UTlup5mKb47Ats_zsLZGjC8styb0jjycs9GYqwzrfC9vXXyM2Es6JN6ogDRj859e4kOlvp_DvQQ5Yo-x8VeduSxFwNCs-n6tqLRgWitIaIVXuu16Q5ubiV42QahqRHZStrM3q1F4v4C0u0U2TIvzJIlBWLIoX69gSf6RJN6nbYaoV5_-QQL3gTAxyCPhxzQCfojazKhjM871cV2LqxGfooMMLUVc0EygnZ9B5RjEslmIi-SgWSfAw8Flu4JH0Ik2yxQhxUB4z1TzX91xzzf22CyDlc4ZRUfc2Ad7ZxPjwrzYWgbdH817ZVhN3EvaeEQ7o_tIcS3_q_hbblNOqYAhKk-UvvgA3n1uVS2JqUuonzJCl4dN0xdyUKQ8K3uMmaZeen0lT7fXJoTPkPdQRlrMor0XKzuDiOth3yNercyR4o9t83bDVeqE5NUydVyARn1t1eyUseE_lg8LHX9TqlTWhoT4wBHq9EATtj4QeazbPDg_WjIhRJuWTpA4d0bS_pDz3mdlvI4sQNG17zBEJrxIa7XDZGXN8Nencij67ecNjfuwKgOL_H6eJUZBh_unS1ARtaY_2OmsEm3FDoKtthRpnUfOANTowCpML3fvzXcDXtx1IHo2ngvZjS_G67Ilka45eKYZppyEKaVW-1LR8DbAc9xVLFm6gM8GAbup3PgNmrUq38dIiIUI6hE1nWQx7QoxMZahoQujMt6EcD7rQLH2N1eXgy1ng6TByT0qmEWUV22SL-1p3m69VZZ7DPXX2CYA-3FmWeEw5okio7rlNVbtI0AF4SJ59EDJmjru_UL2kDkktDekEbvbsvR8lIBONb7DwUIWkQ5JaM_ZI2U3CXj-ddMX57wV45Jz4xlYFWfCqurqivrcpfb7ksYDP74g-tEoJUoRrzt4whCHoo95d0V-8lVScbWNfXBO-CY6A6jLDO1uxXk6CKbIadBBaEG0-unsBOXBkFAd57Exk20dc-FtKVpFnFcbKaeARFiM_ng6pOnyBopLgM8lmO4hOLYn6qQPNBLuvVf503dUh4GXooxPc-n7cZVXPf2PjnABORRRM088tYbsVwsI9wjMvrVyVKOYm-pMkYD-zAjSbHfkpagc-IQFPU6JMcKh_8XxYBNgleW1Aq7mwAtXN_ghq-Re0UVL1Zqz6yaQi4QNm9MziWe94xV3fEmcwKaOhxrdbQJqRYRK07uumLllcArA-AgQpMACGfpPFhDURw0BIqVS6OOb2dFIgOvZpKtC6qy2ZllpZj-WEJshsG-vMllJLX1XjhfDcIDkFSRfWvc5OkjrsIIKUjbwa-9J0ydlMFdsKR7CSL4-ZcSZpdbLyE1tzRTOEKTUdB7AY8CneK1O7HqPXu5gM9rUe6TbMCtdnaXGCaTzqAyyUCIZeqRsVcg_N3woSKsJuSDJlIVaxeOAgDyuimgLMkhiITqjjoQCptLTr2CRvRazaBt9C1ZjGGvA-EDWs-C5W7AmV0qMbHjCdCzGbNTbLmxEp47YRdJkdqPol55TLyMu9zn3cHhA0ZO-JlT1GtvhGQZYtfqgYUqoFrikCEsCrRNPWWCiGFZBGn87cZGhYIABIS5GhIphB1nMU8tjp25UsNu7xvYAE

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

30d76ab1b9634f4916629e2aa245dce16825e821c3e48886ac51cf8cc1dfc044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 802B 27 KB
10 KB 12ms
10ms Script
text/javascript 143.204.98.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Requested by: Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-104.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 043a7073a89a2f00029f1355bed703a3bf91b369a84f70e18d2b81fb61450ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 12:05:24 GMT
content-encoding: gzip
server: nginx
age: 80848
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2g35QqVKB7ckMvq1BlgtjiwDoHQ0YZ2pWWYV8nbZK5KwuVAzh944Ug==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 802B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 802B 119 KB
36 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 802B 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:25:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A591 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 251086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 409E 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 4148 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUI2bpVFWT2e_x8qibqUQjsp58JZI8fD88p_Jx_OPp1msaL9cY&d=CnkAoCZ_4FGUJKj14tv1HNgnzCf1fVe3vHvo4vVDqLUjQ865wOduogJ7m9_Q2zCOuMJiDAoEuKBW9RKwfuVMziTSy83qs_kJ4uzKf8rUzW4DrwvbN8NT1NsgP8BUBqqNL6GjLkip-EryzSGkoX95QufIOJuUNNsh5BrMEukRAKAmf-DgZQLyg7XvPDE6p1gQa906pIF4ie6nAPEKCwJd_CT15I6XORjbci4VpIE6YKR9QEr_3h52SdftGY5YhbQqDoY4l7nEJt_IoJ0StyHx_M_3HPHyXT9jRn361DpK3buKJ4iduMRfPTTenso6fqCzW9l1stfzubD7fuGR0z_HGIgVKC0gDTmlRipa0-FZvAfRF1NvWtXfdlN9Wpy8VXKLf1vcfDzaHSBjVT_ur3p28RdQ0pL9G16iY9sOBqJZsikMVhBUt_H_JiNMwCnGGqt3R9e29st9vSegtS9jQqn07kqSTRwEsZVTsYV-E76iux9dIswVxoLgrpkkFVQ3crPm84_6_yMOEnZMoVEZfpmXpesmI2Vuu2gj_avuUVnUNDxGUiv1_oNoIn2bYjQBLd-UeEFBFVsMvORhB1X1ifMAONMVrV_Zis_rBV1fmXuR70rMeOoAq3tVsnGQQJsnMgcksrr6Sph1BUlZ_FT87kH8OKsiUqdwRxFQO2iTWW05Zr1vgBCbw7PFQ8T0P87GabATTeqXLZU8uAZpdNzNpkraIimfhcBN5DxsT-4M22RFjaI7FXm2_APRGaob6aRo9PTcqSv-3YwJ8_UmnOQKuuyunhTklHm8ETZO7yf7fRg7-8SpyNPnnzSEgh5198dkVU_MS3PbtGGCUjCXBHvWuZUixPXNoxSXgTiC61zEQX586FmMIjqxCubTyKiPUDlOBEZJs_7dQRfMHDLV8sqkkstXjxqBWGiCEzYUAlXcLrLD1siD1K77c0AXBs7sMbsbXuN1iRrR365Gwfsw-1QDhIfsjRUBpcapZorh-bZBDgw9TE3pgyjpRXXiT8Fw-DDTLvwprE4cpsZ6L2ShaGdlKJ9A2r1k6BnA8mP-vx1sXYW0P9j4EVPDoa5pp_zjW7NjPP0UooIn4ccufOQQY7Pdvov6b5pS4CpeAXNmMOBbyEqxAax7tMI-waDULYjim3M1C2MWt96XMieevR7bOWXGw1x0cVzoysK3D7Cbg5X7xecmZG6nXfhGpQzvKBTUAXxwSsNz44yD7wuXRFPnbJzdQ6O-GzsQzNtr2T9zxzZ3Yt62diaQ1zmUtNmg-JOdo_yUoX2qpu5ZikRzkv640SfoynBJDWOfo0B3f8J1bOm9_akS5daA-n9bh6hsjKCvHJ6wrzmtv3ZIJ3L-z6cgbyRupP20hwGFFWZD2DayHzivAfZB6c9JKvVhpvmSHty425qZRNrRH9cFQkaSTBIX87uInQmJnqLTPMjq0VpuwKte0Gt_60i0CzKjKXJbVF39l6BxF-WAagMXepFoEYP7TUcGvm_2dvLRnTLjAG0Fcf1eBV-h6q5EH5uuhr3TBh3OanOwVUPbb4o_EadET8jIQtxCWfEl1p6branO5x7GFEdOBCrfGEF4bga5u2aP13t3CwdH83FcwoeFo8NrTedDFdE3HcZYtp_aFKmCJJLlrYQfW96eGoZ4gENV8zgiY0xt7j8P1Y1tFEd8Fgi0zTOiDFFqaImkhjOBkF89WvltKbJg0WNDxqbdfdSfbnNmz1ceDYYhroIQwGgkUau7tMWly5EQ0O-dPiGxgjStTOx-jfP1zBjmUB_94b-0YA9Vu1iY2FHFgh_36tBrjv8mIuGe_Zq4lbBpG3xshdFvJHC4q1250JYabBqtaGIeH6H5rrcezbmDlu-ykNXcpdtb9pFkTGfHvSxhHHJBaIT2l7mcwQTfG7rkqYt86uSIcqqTRctjUPGEJCle0eYzZMzGaIHMANuT3FbTB2JE57PwsC1I5WtY84MK31hzJLEHiMPIbKsDmAJxjgaLwx7YrSJq-3QJOnqhNTjykT0Nn873K1w1pmHt0zjjTEmmVrxO23jfk01jIciOh15jvdOPdrFjOvh9bFnkmhwanmzG852XAvTYxjtKUMK6afYAodI43dzyRyR1hCE53ZKHhPmX5Cdn7drYUmFk05ka0HKnAIc5GZu9pcCsSV_w7vj-NXYeA01ZVDOi8eEyNxIjZ0p59Z_zkkKqtHs55F14KaSbCGmR1wQPgpys2afwRzXXw04NE5JqO9-To8tGyKDBu1q2051JRndE_VeHOGTpCz4Y2rZViRb0SuCEZi_7vPLMI1uL3x4KHIPqiFVbSbLm4KhqCBq6fOPHtH74_q9mPj8qH1gJEZskCg5zYhJwT9nZZcZ3CQHG-9BMVHGjUjr6_6pV7Y9vQL-sIaM73LKVV00zITQoz9FeODxKXpD3P8nbHHg-xNyQDWb3Aj-hzrIDFvo4GmGDeB9xBiiZHeGmQMhYV2SDYjIx2h_1IgaKq1HZQp2B6KebZNBWnujZcmi15IfHwL6TIripkPsrrBWKW-TmWN2LlTe8QquXsWL33K0863fOSRBM9uYCY4XKG5ihYzWiJNkpsP6jwGFqDpLEcqpHhk5mb3tCdjk3aiwGL7WVUXtemesSa8f44q2tdO3CBI1mCea9CjI6459enP8s1hy4OXj_mSs2Y9DHx6VkLLDnCH8EqFa1aG2P6Thfx5V8NpuEK-lXoj9b3A4FJSRZ6OwrMteDBh_iOIrMEkD2qGSm9z5ovqGxB3gppw6yA0FwgAvem8oxFbgLk-NEzOshBtcsR2qVyXRw_hBz9M2WMH4xBEPd-ZLFtyuqVRlj9dRIxhWoDa1P_vfVaVVvBrUJCbmQuFJyzJghE0e1DkHdUvmFlEmyIkfQJO5RzTXiXqbEcrrG0g3qhKiGI07thgcqODw029NTZc72tT8RaC3q94aRI25kgg_4q34PdMTSMtbKnjKKK9mOYLQ4ovr3RfbT6BYZjVJ7jW5JlpuWdqsCzaSVqwaGAW-ys5sb3D5TJEnJ6kr1TA2Knvyt7WXXfEUyXbZ-QrBqUDBC_jSBtHFbKQpKtaQdpGddqfiQRbnlk8GZfH54IZhYc4qJaF5Y-RL-jjLtlSAPnHJcIaKxnxCrmP2fmqp6K5F1CoTmVC47wyFbBoCoj5L6Tum2INn9yICnP_JywVBAross3IzBKAJyQC1RMm4XPsuF2X68T9MaCOh8XgzH5btaJBoZCAASFeRonstSOF8bEuHEWtfqkHwGXI0dyWAB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 4148 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4148 0
524 B 74ms
43ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss77eqU-5t3eX4-k_rpHpSOS06najFoSKKDaXUd0NFTu-qZGHqENUj9T-ZaqaArWvpo_jtO34c5J8oMK2NkgfYJPmZ7PSM6HQlgZNeougLXFtMR29jtfTXEuj17B4HhhsIw&sai=AMfl-YS21UrAZh1b7jFpaK2e50fxu75LcGm9ljIGG-mBV2D46INnz9RUmux1J8eo6Orm-Iz7BqYT0ZAoVFxW8VdhWBJ2Fn4ENibBzxMFlN4&sig=Cg0ArKJSzDSa-2v3PMy4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211111.84482&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 620000111_Q421_AI_moveopsV2_static_728x90_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame 4148 30 KB
31 KB 38ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_moveopsV2_static_728x90_NVIDIA_x_DE-DE.jpg

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5373732aa29605604527335f236ef5db993da9ff88d30b38cef51d4280c59cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:00:34 GMT
x-content-type-options: nosniff
age: 1938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:09:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 10:00:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B970 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 29 Nov 2021 09:13:48 GMT
expires: Tue, 29 Nov 2022 09:13:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CD6D 783 B
535 B 35ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed85338db2632fee8b26d93e7640258943700a768bc5c65b4e9782cff7538eb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6dl1cmWW4TFqiX6i6g5O+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 29 Nov 2021 10:32:52 GMT
date: Mon, 29 Nov 2021 10:32:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6dl1cmWW4TFqiX6i6g5O+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 744E 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 29 Nov 2021 10:32:52 GMT
expires: Tue, 29 Nov 2022 10:32:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame FFB8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1

43 B
61 B

28ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNUjBAmPraqEzHS7_jBwHyl5BigR7v3AxJfQrxDzZNcZU6AheSQFV3klm--n6oVzu7Z3B4xeOjnvIIeEA3r87W004AzOvyQnMNZNLy23-oxX8IDu3l_laH3d2bveaoH8xIcpz33EpjoreK9QNFvY9a96hT02FtG10uz2z_3J8cRiEiDN4_s
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame FFB8 43 B
306 B 33ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNUjBAmPraqEzHS7_jBwHyl5BigR7v3AxJfQrxDzZNcZU6AheSQFV3klm--n6oVzu7Z3B4xeOjnvIIeEA3r87W004AzOvyQnMNZNLy23-oxX8IDu3l_laH3d2bveaoH8xIcpz33EpjoreK9QNFvY9a96hT02FtG10uz2z_3J8cRiEiDN4_s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame FFB8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1

23 B
172 B

71ms
56ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNUjBAmPraqEzHS7_jBwHyl5BigR7v3AxJfQrxDzZNcZU6AheSQFV3klm--n6oVzu7Z3B4xeOjnvIIeEA3r87W004AzOvyQnMNZNLy23-oxX8IDu3l_laH3d2bveaoH8xIcpz33EpjoreK9QNFvY9a96hT02FtG10uz2z_3J8cRiEiDN4_s
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Nov 2021 10:32:53 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame FFB8 23 B
172 B 146ms
51ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhitgYa6ATAB&v=APEucNUjBAmPraqEzHS7_jBwHyl5BigR7v3AxJfQrxDzZNcZU6AheSQFV3klm--n6oVzu7Z3B4xeOjnvIIeEA3r87W004AzOvyQnMNZNLy23-oxX8IDu3l_laH3d2bveaoH8xIcpz33EpjoreK9QNFvY9a96hT02FtG10uz2z_3J8cRiEiDN4_s
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Nov 2021 10:32:53 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 802B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoPL-ZiXh3qf81FC78U0MpccQeQPrP3mCvJs6ADskkeI4WMeVWhkO28oeBW0QDizzB41MSPwDfJarE9ljVeTloSMOJc2lop_m5OucppdU3_vKs9BzVTt7N1PI3SGfSR82wC3imw0yClOrNccex78Zbz2vWWA&dbm_d=AKAmf-BFidfkbulJ-xAgTpqyprmsvDpeQHGrWYYueK5ltvj8ur5CAHee2a8XRWtRe2NcdOsz8K4PoH3VN0d9XaMYzJpYvmCYiJRSJh1hKHg-q8h7BhhtwfXQBPSKdOYLnonX7krYipiePf_1dw8zjj6I9Jqy55KrOivPODsod2lAYbYXSaHQc05uYIkmp4gXZ52atVvi_irkSzo0Ed1s-5Y4j5Hr2jwv-xqcba96g8Pm-RTB75AoCMZI_q_UvAj6O2HYjFZohdM_b1updwylnUgWmoV5NbqgFijNppAcIAPveftEC5IW97KS_KAdR6yPFXAGnbylNjSs2A24mXRhjZcfRuQSp6pW6lDRHHkzZ3DWlXQVFwsYJolYTnM1yJvUadkM9HxPDzaKnAx_tNq7wNYv_U_1tvA64TBGsB_X05jXRh2A3_pCu9kMNCmuR_gSIlmLEpnOomcWMhIP7354K5TYlni43u8QKrCX3zTgmxEJFepTGs-gu7OHMuMNbIiTjAsu_g13PBaUIeUnDZk0HNJUirBMEGJRo6sAshQEG67QdZRZLus09-socqF22qRtaXzVYdHrOZmTrP-GYkvCjm-F-itANpZtUPy_XHGc7DgEZNuYkdVNz8bOFjuAKwHZqXw3Pl0b0tIsSjibmq6GwV4s4l-cC5m9zSGSvIl0UBPqVABnEWU6jZGf8ar0qzgpqe0q9Fy9WtqFkzi-b5PrN7hjXNgaiO9VfxHzSd6Lb63JK1--vkc8_7UKmHr4u7fh9tXvjC6HeqZ7lW26nSL21s4c4J1gruCU__PDOPva2RfmVc0qaZAiNV71ZDGejaBa09lxHUohqaY5IaRMB4x0QuFobTt6liMRQSSJlo3I9IPhZW-z_Ny4T9SLlPcEhYZ87JeJjID84poQw_B88dCribbKlp97G2LrxwbckVPyLjSR2Rqb4m1lPWm6PVhg-1aQAZTACwENrN8hcbGOHdx-aPcwhJ_mkkd05yMrFmBGuzaCIJn03txB4YRfL738Yq-0M7reIyIhX0eHgX_djaUfPpFUx4GiX8fk65_lOvrXjEs56NWXI-ry2Jsm9cykIWGti1qIQdh8pzLb2MMqg8gr7zsC_skaUS-fc_vBNIqnUhGXrL-jYvMAZlQGZZWEmhwrUzAr5LUUwfeliPOcWB-MWaosLpeF_4tUaLBo8q_gH3RtspCWDND_7CRcVqgY4lkFJ5uZMShL_tmjXU9VWloatcHXi0ley_3RCihe5jQ8vzhakYrYaSDwdgh7datGHyIkhqYsNGYyIM0jhTGqUCpEgmvf3CFlVFC0yfTu34TOzjV4rHpPFdnR0Bw9YuzphsrConjuB4ydyYJtYfcKxNumP2FES0dnPYjN2m58FsLiV9_Csp6JjunKBlb3Je9hmbT8VzK9EeqEmrpG3vOB500FImgPf9_xoRvFqfMwBf-gBmu9BGHRs_0ahrRTHcv1km2xR6PYqN4MR8u22dcmV06lhvVmB-HXAq5JBmr-zBJCDw88iUBn74KLposEKnpz59Kt1HuKQSlDbkwS1LqV4AJTmKS8nCoyeBsJlssaq_nin994P47xi6yU483nTlUBpIodKPMFFnqDIEPap-kaqYMPiEm9OanoxGsVRLS885eWdrh2apjn8ckScAbaMfWQLuR72SD4FzaLyrNvjqRrvSEctv_wCR_f9fmM52FgqqRbiXbsx0iKeYmFUh_NGkZWd0XLnV5IgP8ir8wm9xGEUP2P8w1rKiXDP2nIeOFnWijjdrKw1kRJ8BvUjGUEPE4sqp0aIugJxA1Tfjy4T-HlasXgfxQ59FcU3wV5B5OPJvHkRXRomGu9f7RHbPUVH84BmVGNiP9vjLq8_bpU4s9UuwtqGhbAaFIyPGn7PxDMHQh_a4xJ21MOEfUSwSMsygR10UCyPot6MkyWSgr1tF_M3aJKLdqZFuXI0tso1Hk5E8eZyaSmrwIquBDKkG27HF9Qu9UEeOtQZoYT2bDrJilnbQnIUCQ1YxrmHMFxZDd0jnKMWr80kO1olggyK_m3piJ1dDhgJnqglmPOahax7E1FPTYCGbeSqjmCNrmiL4MQ1CsY9_ZP9-L4Jp1rRf_Kixl44npmeYtsTuK7qr1gKHtLrnbOsv7lKxsXktYPrT_jOONFBoOyrHyfEbU2x0_qiDmeQcUgj-6H8Q-RT4sJ5sSTVlT7i4q3VnWFx8mR_ZeIVGn3QrlDvMOrc6_gmdfnRxQwm-Umgw35wTz3OxT7bYqKoYux0FLmjhDPxiQIHNg15E2D8NWf_j9jHVRGApoh4xza7HNIn_9CbPTYmKd2shPv8TXPv20cGLdgWkojqt6eeedXCOB44H0-DMyU8zbL1C-5lX8ia5QA7HsYm_bvcD9LzwSSeeCeZ5FFSedJ3XJCDcv528sycGPi-tEy96b_wUV7fUcJcmlaC6tlJuEvwoqrPCiQq0nMlUoOJLjmof8hUUWYGPVINQOsty00Ls2e__Z_cr3s2UDYEEtmryXZe4jqFRXEcUk5oHyf7Bha6rQNyqRykoacTxKU04UMMNNcVySRfItW7KgYhGwQ1RXm01D7rLrQ3MmgACYkvmedT2Oy0r2okS9nyioLv3snUbiVsac6oav_r1GIoK3xSYXao4wo5YUf8HdFbp0mbOKa3db4XEe1eeJRHs9gYoBw-8JJaZbxaGtG8LSxr0UM0L_xFJ0FTziLtoAwC15xDSqBHg&cid=CAASEuRoSKYQdZzFPLY6duVLDbu8bw&rfl=2%2Chttps%253A%252F%252Fhellosehat.com%242%2Chttps%253A%252F%252Fhellosehat.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 647C 640 B
318 B 21ms
20ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNUoEVd18gr5zE6Oxw_vtBrL6xOjjot7nmmpcLQ-XsXpl1hgko0RbsQR7RBGuBlRGBNK9-N3jzCQlAFmBXglsTyzmp17Dx0ZPfPN0e6Wg-43szjJqOKMMlGCvBIzbuhT2eoPj_tfpYCFPsuIdDHBd1qjy2qltBnIGnuRpJTOJQRsK8VlEgU

Requested by

Host: 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
URL: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Nov 2021 10:32:52 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 409E 73 KB
30 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtEHVk7A74l2D_RfngynL9E_rheJ7jeJfgflhdoW93oTFZCIb50xkPq1K9L8fehXOSLYGV-swbowFIe8VBNZWwBsZn0q2z7J6GNO85FQn65fzApQELFejcxNozTKR8t_VYeWVcyApYXcKH2D1GwzFZjY8ywQ&dbm_d=AKAmf-CKrarDKIQ7GttgQZ68tmnhtaMX2gl0aqzCwt9U0Beel1lX7kNIhmnog7PYkqk9dmp0awohcfbQF_SfE8SjRZecK4eO-_C3w5j3BSHWC64TWbSwO5iyAjp4k1TIbtmIQDuZ1Mo9WcZrnSpyEqzLXvOO7QKenfzCxmgfaitwUR1SWW66adSgYkhl7FcEQEtLLl4OoGsh6nIjsGnliRBusqqFQ4OVBtsgM_bjB34sAir_h1vgMg6LpoSvIbnbHy38b6y264IS2D3_H4QZo03OKlxHyTNnEwt3EDpkTHb2hlMS9dAeyZIuan5xl69FqznBRfhvsI-OgTXPpt1qc1Q5LD7dlm83hFRQ3WQZTgVmynorm-j4hqWbL3S4Gp28fbvG92Q4u4qdxVTVbvyadK7lK4K8tioQEVCOptRodWCuNyqSomHxVjuDwXcrwTf1hHqvvEq-1YLUH05YUE-gJM4WKh0fAC6nk9HczkCeADRwkgDuko1G7d6NfIelsKaQqVbgWjX_13Rtb6-T4zKeBuJJF9zFZ1u44RHAE5uq4XIIAiBNceCd8SDB15jeEDIsW28nfLX5qcuVILncGOXmpbqLNrEU4kj5hccIfCoBUfn9py_qYoBAioutSttKCPfYmc1UXkVYlYsdHVvkGMyhiuiTvnTfJcRGV9xQbSeUossHtp_N2mm2C2LpW5hC5Cgir689y1JRzDhLR99IbVELjrxtB4YzuYb0vn3hkdwcIFE7p5TS9iFesoliZfE_j-26PSuPmjrkbsziu4L8spmuoHQ7ffeOecKty8vFSxXNSaivhrweAGaE0qCRTji05DPYL_De8ERNN9M7AKEKKl8LsO1OUpkbrqGvd2-hT9G4_x9HajnfZSuTSdD-SrujlPOhf7VE8PLLIQIS3tEkoGRj2PF_MjGwhjTOaYHsKcZPGNORdYwvfqDm7ApNXtjN0COBiWmzTJ3ZoaZLaCI3vj5tqh3SHUhIK4hg67R7MRYxvcQiw_UOZTVGs6SCv0lgFLI7g9kT88pAdMvRtQzYUxIYpYuXl1edLjbBpyl9qBBkKRej8ZESSx-AjoC0YZafQXPW4nMoJndSZQV9_ltT0BfaWVaiInwuXqBTVHi9wsftYMnosjMQ-UlQbY3MZw_v67-0WRO5SONqCk4Ln5FOqEu4MV1oCCRpd7s21gLdzGPjzukdH_XneyoU1V9Et5dCqpu2Z5Cu76zgnM07rhb0J5UXAuh7lL6UIY4bt2RHpjDA4tbeRcWiPRDGpeQ3hxWHwRYPryM2glJdeOq35_J4hHiDNsKepnPVoVUEvrsls6GoBUFHo8S6jWpNyexOLszjBqhmxRYQF1eN172xepw-evv1mKaU1Fdr8MCxKr3cgCb2k0i4DFAft24RO2RVlnwbeS-zgkdPb6Ny44TO2UT30bt4w2FY3EqjZyzPggbjZe8cQ5MckWZkDdqU5x_FErsMl94k2SN5qOTxvT8L0qoKfXuaLqtJK9HTg_dszbsYpXbsLQChg-fSLOMCl8rl7rSh0ms_dwvYRTzyZIQZ7sak0jtav1iuCWm3r4KC_CpaWqbzoWDGziaY6-jW19fsIFGykCVRREEQY6cFBhBHAbc0IfoYfQbVw2-AS_09ABeWBl0jlAk1OxB6H8F0nELPOj0RikaSdSTmxvyQ5-I8zw0ECcUgh0YipHr995SruL7jcGHrWKgqhqnwllbLSxk9jz_6QtpHkbltLXiMzWC3n0zqNjx1d_m8s0DB431W9lAU4C5596pB4IORkW4gWww-baJ-UQjBHk2L4zeZUMbmcCmWMJzTWBJ2gDm5lrXyXVRV20OmX87_-1Tsl-mh1ZKRKP3ZDWyLsuXGP01D83qnR6Aiqt9QbP160yi8hhiuDzDurRMjGL8iNRQEDbNOae9XSchDBUidLEmKi4fHS0N3TKi80eeM2Pkuo5jdpg9w0uptou0FTHlVsDFdwx5W_Xwfm1ScmAaGAx_I7uo5U2wUlUCdn5Y3gEiVAhjTCT-eK8mA7XwlGA39wTULb0gECAyfssCENBp1ifT4ny0tZIPofDMWNNzCj6l8o4UWppKdwJSeHdfjpb893FaMOF5jrNOeo9GgWIneiB34MLCN4WR3aYzqJ8MitNplx434mboYxo5ee9gtr15rKNiEH1HaWdEdhdIYjoTXEtDOqhQ-iousiU6n-9zaG7ffVyov_zK4n65C2hci1vvHtUL6WjFln6-LAOlBBRrdK8h60klu_vwbFR_TxADT04VmE70ogfs3b2ZfkWVWnEPGm76JvYlhQ_8N05S8kOyxT-lPgTmj5Y0S1SVBMfaNBpF01lK7UbCd83g_F-I9vCYZe_40sI0CM3ubpA20ghFhZ1av992Qg-WYQrq_GIsWjjn6ykvvQaBb3YjOubpiEhkWssRW3Qh0XCEsyxlu4iTXkrKqNtXSmY8kwHB7799-ZirHHTbzUXZOElSQt3iQvgilbZEUwcLqfYUxE9Pwrkww8sm0t74hGjOaViCEYCG59wvo7QmWVio4cRtxbbxtd5ZI5pF_BMV9leLz7wNHhhlNLuqAvlvHBGIOZ-7sb0aRr8_Jhn4bVL7ERr_uptSF5iI3k5cXIfpB-DriXCuZ_R0JBDtX6dWEGr4PWDi3AjeAhL8AC5_FIZsSCbHs1_WwgZ1cyqMjc6jA6zhbkGmrjQAjjDywsMTelXFSwckd8wjGfZSLLHfIw69EAedzQ3YTgb4xQTgznJgzdsNB-yZriBpshOckmAqyI-nSrYGyHUnUamfHYVOPfDY3QsKwyEeLblB0lB5v0Pnrku1KDrWdAmdtnOc6It6MY01bVp-sz2cIfQANyFgaZ-X9cXUxSyssNb6GocEWqVi78slYYtwMiESpAMT9_W4pZrYF8Z-yQl0rz__USFwWJhlhX88MFkOZxXYxlLl__CUNgEkpmJt5TMu-x5MDaUlzcHtcfY-IehMnppGEZH4Eu-KKH1fFvKUtuAPGJe2p7UldbcFVSAVSJQFE35_yLJmRdk8Av412vLdzPu8m-oAOQHM6v5gw53rziRr_CXDg2YM3SW9-sW3-4AGeG82ywBfSWF8jfykYAx97znMjktABHmKzQsEE1LqOUbDq6d7uLYFiVUL-j0L4nu-z5si0jPOQgZRU4hkGIoE1F2xzShFdD_Chc3rCY7P1azF8k2FiNho9maiCy76l4L9T9QsIVA4SaU9cxjgkym3M6w537L3w1PWS2qkygU8HbZdw0whK8x9slaeh60QrAaHKEwdrgngioR3rn-Qr74-ikk5tUtiV1R7F3JPqhYYGin8zOphsXCzzi7HeqlhWKuHfL69EzwwAxVjB&cid=CAASEuRoFOxoBqvRlGZce3Bx7Gql5Q&rfl=2%2Chttps%253A%252F%252Fhellosehat.com%242%2Chttps%253A%252F%252Fhellosehat.com%252F%240

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7aabbca62b3dab4e7d15b5be8ff8d5a0f6184224d9b9d4dbb1e0649b602abb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 409E 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AfUGcWC7T3H-lnEOhKlQXWPJsJACs9yR6FJUkGaLBVLODOqPEGLqeYtSZ65Ch0eSPoPHI7Lm2NIovyqvfrNntf8x6G4Z-8FJA7E9AIr2-r6qe7_oU

Requested by

Host: 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
URL: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 409E 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
URL: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 409E 119 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
URL: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Nov 2021 10:32:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 409E 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
URL: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:25:06 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4148 0
23 B 58ms
44ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 4148 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d728b5966194fbd4fe7921275a66119a4ede6e24b848d19ae18c9758099c2d23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 802B 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5ov7abRbc_INaa8Cy2nnVNcb5VFBxo13TTxPG2j_HwAcGjIw&d=CnkAoCZ_4PP1Kb2DxnJwAHct8KMPjnqbCzNN-EdM0GqZKnn1AEUzaBnbnnkH7RJg9uEJGJO2GcntpRVhRd0co_5LjOKvVnO9cQ2it0puo4XmELMymtDaV4kyQuSgqFyfn7RTzID1XMqKTkGZPWxnDW1bE4unsCnh1h7rEokSAKAmf-DQV8cOeE1B3v9H0pNOzS-eEzA0VXaggkkMnHn9Fyoen1TehjxUX09X_SmoQbTWQ6bYDenH9CRtr2UDZWfDXACLNURrJcOiKVCYyQ52x5wzW1cbGmsT-m-az3A65IOx_ZdsYSOjFm-HOFGPlBET6CIkYxDuzxFdJp6rq4bEkvOpJfUYJ4vn9y2dGMNSnJVCeAr22yfsF-NsdExVJ_phSKxWTFAwbOE8zgOa0v4PTU0eu7b99plUkvQt3yCMr_gTJS2vJFyANO1a1aZLvByfIZulwuj7261BQSI_xVmAs7d_rC8QB-Jjmxm0vy6CaViXFS1wciWgaZpsXyhR7I_QGtIxbB9tme7820nZCf_TVqwoZoJUglvHZNvig__w2sbRhNXe4QyIxlzBRYWkmKfXZhsKQkbLPg8o90qOzm0rsz91OlM4MoLPiqWDdIaTzZrYLCwqCNwezqt5AHH00W0qy6-hjwP7789RRMjxf6LYL_qXLBCBfODp21OGW0uVsrJZILDx_aqBi9ZKbEomu_TciUv_Rvw5v8hYNE-YhAaKHpwGEQFTjKZrACWjrdHJPvHI0h0gVLAF_UZwViKTD8US94LOonDoa9T6LVcSj0T41IOb8tYiyc8NjCM87TW7IXGgg8BCdwmZ_vj0VudXr9_yjzdves2udq0sh0Il_P9U6EiEI9hwmk_ZhNue9N8Ej_PZd5wxYinCCyqM2iDtTJ0xl-28iBdwcPkExIPOAs__sq-gNdvjOi22xn23nV1T7XZN8ihk3wJHw82aDUpdGVgiboSc6K2035C4c4winKN996vJVheiXGINrQurw3kr9ZPBT6tvRNpeaa2cw8LAFvhBe-owygPBUYX3Y0IFu6pNfMe1VujA0g5-_ZBObZnE19J__-SjN5lsvpfocgc6Jo-2F9jqdm1SIK9j36QYtNi-JuPNY6HWO1uOc29WyALZPrZjo5VE4cevrgduXe_ue5dADY0RiZpC6r2tFPlXulXHZoLpvv3whNl5-Ivjx1cSj-M1T3Ciz4WOnYlhwIqEJngzLxsf4xFmaxxyc_g-gnJm5l9_aC3j-3cSBrvsyM_lWRw7qXMFE5150KEwUe-PwSRqATvKNiMehGAK1Tjlcb_lLFAMptXvBqcEDbnpD2xwBh5ZRWu9N1J05ozh0ronhwir7n0P36Ltj5Vi47xJfpo30CQZFxBDgXiLZ4Ol1gArm-SLWq69R29RkmB6-53m_WQ5XeE7ZvlzMzmj-5txpOfkVwECzhYmTLPuosGDGYPGJjyxZJjva9ZSOxh9mPoeLu4uNtEUIIhlXc60Wabbd03_zPKbDpHURuPI8cSVXjnmi5cnD-xJlu7oOdD4FFlJhB59RUo21uQ5lSZ5-23nH1s9JSvWk5zWsIFhZLXTs_vkbHX6CerX6dNwaa8GEnyDnZnqGdYf-kqIOfR-L4WbDF1WZ-9kN9Wyj6nTPKdukXks-VZc05dTeHpPUTxWpiHdMtkfdLLlkDveB0qGE8UTlup5mKb47Ats_zsLZGjC8styb0jjycs9GYqwzrfC9vXXyM2Es6JN6ogDRj859e4kOlvp_DvQQ5Yo-x8VeduSxFwNCs-n6tqLRgWitIaIVXuu16Q5ubiV42QahqRHZStrM3q1F4v4C0u0U2TIvzJIlBWLIoX69gSf6RJN6nbYaoV5_-QQL3gTAxyCPhxzQCfojazKhjM871cV2LqxGfooMMLUVc0EygnZ9B5RjEslmIi-SgWSfAw8Flu4JH0Ik2yxQhxUB4z1TzX91xzzf22CyDlc4ZRUfc2Ad7ZxPjwrzYWgbdH817ZVhN3EvaeEQ7o_tIcS3_q_hbblNOqYAhKk-UvvgA3n1uVS2JqUuonzJCl4dN0xdyUKQ8K3uMmaZeen0lT7fXJoTPkPdQRlrMor0XKzuDiOth3yNercyR4o9t83bDVeqE5NUydVyARn1t1eyUseE_lg8LHX9TqlTWhoT4wBHq9EATtj4QeazbPDg_WjIhRJuWTpA4d0bS_pDz3mdlvI4sQNG17zBEJrxIa7XDZGXN8Nencij67ecNjfuwKgOL_H6eJUZBh_unS1ARtaY_2OmsEm3FDoKtthRpnUfOANTowCpML3fvzXcDXtx1IHo2ngvZjS_G67Ilka45eKYZppyEKaVW-1LR8DbAc9xVLFm6gM8GAbup3PgNmrUq38dIiIUI6hE1nWQx7QoxMZahoQujMt6EcD7rQLH2N1eXgy1ng6TByT0qmEWUV22SL-1p3m69VZZ7DPXX2CYA-3FmWeEw5okio7rlNVbtI0AF4SJ59EDJmjru_UL2kDkktDekEbvbsvR8lIBONb7DwUIWkQ5JaM_ZI2U3CXj-ddMX57wV45Jz4xlYFWfCqurqivrcpfb7ksYDP74g-tEoJUoRrzt4whCHoo95d0V-8lVScbWNfXBO-CY6A6jLDO1uxXk6CKbIadBBaEG0-unsBOXBkFAd57Exk20dc-FtKVpFnFcbKaeARFiM_ng6pOnyBopLgM8lmO4hOLYn6qQPNBLuvVf503dUh4GXooxPc-n7cZVXPf2PjnABORRRM088tYbsVwsI9wjMvrVyVKOYm-pMkYD-zAjSbHfkpagc-IQFPU6JMcKh_8XxYBNgleW1Aq7mwAtXN_ghq-Re0UVL1Zqz6yaQi4QNm9MziWe94xV3fEmcwKaOhxrdbQJqRYRK07uumLllcArA-AgQpMACGfpPFhDURw0BIqVS6OOb2dFIgOvZpKtC6qy2ZllpZj-WEJshsG-vMllJLX1XjhfDcIDkFSRfWvc5OkjrsIIKUjbwa-9J0ydlMFdsKR7CSL4-ZcSZpdbLyE1tzRTOEKTUdB7AY8CneK1O7HqPXu5gM9rUe6TbMCtdnaXGCaTzqAyyUCIZeqRsVcg_N3woSKsJuSDJlIVaxeOAgDyuimgLMkhiITqjjoQCptLTr2CRvRazaBt9C1ZjGGvA-EDWs-C5W7AmV0qMbHjCdCzGbNTbLmxEp47YRdJkdqPol55TLyMu9zn3cHhA0ZO-JlT1GtvhGQZYtfqgYUqoFrikCEsCrRNPWWCiGFZBGn87cZGhYIABIS5GhIphB1nMU8tjp25UsNu7xvYAE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 802B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:17 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 802B 0
23 B 43ms
42ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvS93r9ttJyawge8ctGNxfGH5TDnWDdu1D6Edf6tV77okp95J5r-POLm4EvJjuCzrk_rHSKLfulElvBDdPKbif1MoPOIK6bTpH_CLdhyl-B_1B-1xtZxb-adlM24ZVDszyrlPQTZVAGCLuBHIT1Bl6Zvg&sai=AMfl-YRppnmpblGQIFJgKQ83rK1obsTqCUukp0YOAFH6mzQh57CAwbkDRl6RAGNNscxRnhkisiFUIqiMG_aP26JmKfuiWFX-Fsl4_HY&sig=Cg0ArKJSzOs_qY8sEthJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20211111.91497&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 620000111_Q421_AI_zerodefectsV2_static_728x90_NVIDIA_x_DE-DE.jpg
s0.2mdn.net/10774078/ Frame 802B 32 KB
32 KB 25ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10774078/620000111_Q421_AI_zerodefectsV2_static_728x90_NVIDIA_x_DE-DE.jpg

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25ea783c366f5025d20945611168e63171fb00870c0200a1b6ba20612feb3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:00:03 GMT
x-content-type-options: nosniff
age: 1969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32504
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 16:11:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 10:00:03 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame A591 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 744E 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:29:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 744E 8 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 09:49:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Nov 2021 10:32:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Nov 2021 10:32:53 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 744E 14 KB
3 KB 34ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 05:51:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 744E 355 KB
123 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 16:07:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 744E 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:25:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CC7A 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 251087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 409E 106 KB
37 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
Origin: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 08:13:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 409E 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtEHVk7A74l2D_RfngynL9E_rheJ7jeJfgflhdoW93oTFZCIb50xkPq1K9L8fehXOSLYGV-swbowFIe8VBNZWwBsZn0q2z7J6GNO85FQn65fzApQELFejcxNozTKR8t_VYeWVcyApYXcKH2D1GwzFZjY8ywQ&dbm_d=AKAmf-CKrarDKIQ7GttgQZ68tmnhtaMX2gl0aqzCwt9U0Beel1lX7kNIhmnog7PYkqk9dmp0awohcfbQF_SfE8SjRZecK4eO-_C3w5j3BSHWC64TWbSwO5iyAjp4k1TIbtmIQDuZ1Mo9WcZrnSpyEqzLXvOO7QKenfzCxmgfaitwUR1SWW66adSgYkhl7FcEQEtLLl4OoGsh6nIjsGnliRBusqqFQ4OVBtsgM_bjB34sAir_h1vgMg6LpoSvIbnbHy38b6y264IS2D3_H4QZo03OKlxHyTNnEwt3EDpkTHb2hlMS9dAeyZIuan5xl69FqznBRfhvsI-OgTXPpt1qc1Q5LD7dlm83hFRQ3WQZTgVmynorm-j4hqWbL3S4Gp28fbvG92Q4u4qdxVTVbvyadK7lK4K8tioQEVCOptRodWCuNyqSomHxVjuDwXcrwTf1hHqvvEq-1YLUH05YUE-gJM4WKh0fAC6nk9HczkCeADRwkgDuko1G7d6NfIelsKaQqVbgWjX_13Rtb6-T4zKeBuJJF9zFZ1u44RHAE5uq4XIIAiBNceCd8SDB15jeEDIsW28nfLX5qcuVILncGOXmpbqLNrEU4kj5hccIfCoBUfn9py_qYoBAioutSttKCPfYmc1UXkVYlYsdHVvkGMyhiuiTvnTfJcRGV9xQbSeUossHtp_N2mm2C2LpW5hC5Cgir689y1JRzDhLR99IbVELjrxtB4YzuYb0vn3hkdwcIFE7p5TS9iFesoliZfE_j-26PSuPmjrkbsziu4L8spmuoHQ7ffeOecKty8vFSxXNSaivhrweAGaE0qCRTji05DPYL_De8ERNN9M7AKEKKl8LsO1OUpkbrqGvd2-hT9G4_x9HajnfZSuTSdD-SrujlPOhf7VE8PLLIQIS3tEkoGRj2PF_MjGwhjTOaYHsKcZPGNORdYwvfqDm7ApNXtjN0COBiWmzTJ3ZoaZLaCI3vj5tqh3SHUhIK4hg67R7MRYxvcQiw_UOZTVGs6SCv0lgFLI7g9kT88pAdMvRtQzYUxIYpYuXl1edLjbBpyl9qBBkKRej8ZESSx-AjoC0YZafQXPW4nMoJndSZQV9_ltT0BfaWVaiInwuXqBTVHi9wsftYMnosjMQ-UlQbY3MZw_v67-0WRO5SONqCk4Ln5FOqEu4MV1oCCRpd7s21gLdzGPjzukdH_XneyoU1V9Et5dCqpu2Z5Cu76zgnM07rhb0J5UXAuh7lL6UIY4bt2RHpjDA4tbeRcWiPRDGpeQ3hxWHwRYPryM2glJdeOq35_J4hHiDNsKepnPVoVUEvrsls6GoBUFHo8S6jWpNyexOLszjBqhmxRYQF1eN172xepw-evv1mKaU1Fdr8MCxKr3cgCb2k0i4DFAft24RO2RVlnwbeS-zgkdPb6Ny44TO2UT30bt4w2FY3EqjZyzPggbjZe8cQ5MckWZkDdqU5x_FErsMl94k2SN5qOTxvT8L0qoKfXuaLqtJK9HTg_dszbsYpXbsLQChg-fSLOMCl8rl7rSh0ms_dwvYRTzyZIQZ7sak0jtav1iuCWm3r4KC_CpaWqbzoWDGziaY6-jW19fsIFGykCVRREEQY6cFBhBHAbc0IfoYfQbVw2-AS_09ABeWBl0jlAk1OxB6H8F0nELPOj0RikaSdSTmxvyQ5-I8zw0ECcUgh0YipHr995SruL7jcGHrWKgqhqnwllbLSxk9jz_6QtpHkbltLXiMzWC3n0zqNjx1d_m8s0DB431W9lAU4C5596pB4IORkW4gWww-baJ-UQjBHk2L4zeZUMbmcCmWMJzTWBJ2gDm5lrXyXVRV20OmX87_-1Tsl-mh1ZKRKP3ZDWyLsuXGP01D83qnR6Aiqt9QbP160yi8hhiuDzDurRMjGL8iNRQEDbNOae9XSchDBUidLEmKi4fHS0N3TKi80eeM2Pkuo5jdpg9w0uptou0FTHlVsDFdwx5W_Xwfm1ScmAaGAx_I7uo5U2wUlUCdn5Y3gEiVAhjTCT-eK8mA7XwlGA39wTULb0gECAyfssCENBp1ifT4ny0tZIPofDMWNNzCj6l8o4UWppKdwJSeHdfjpb893FaMOF5jrNOeo9GgWIneiB34MLCN4WR3aYzqJ8MitNplx434mboYxo5ee9gtr15rKNiEH1HaWdEdhdIYjoTXEtDOqhQ-iousiU6n-9zaG7ffVyov_zK4n65C2hci1vvHtUL6WjFln6-LAOlBBRrdK8h60klu_vwbFR_TxADT04VmE70ogfs3b2ZfkWVWnEPGm76JvYlhQ_8N05S8kOyxT-lPgTmj5Y0S1SVBMfaNBpF01lK7UbCd83g_F-I9vCYZe_40sI0CM3ubpA20ghFhZ1av992Qg-WYQrq_GIsWjjn6ykvvQaBb3YjOubpiEhkWssRW3Qh0XCEsyxlu4iTXkrKqNtXSmY8kwHB7799-ZirHHTbzUXZOElSQt3iQvgilbZEUwcLqfYUxE9Pwrkww8sm0t74hGjOaViCEYCG59wvo7QmWVio4cRtxbbxtd5ZI5pF_BMV9leLz7wNHhhlNLuqAvlvHBGIOZ-7sb0aRr8_Jhn4bVL7ERr_uptSF5iI3k5cXIfpB-DriXCuZ_R0JBDtX6dWEGr4PWDi3AjeAhL8AC5_FIZsSCbHs1_WwgZ1cyqMjc6jA6zhbkGmrjQAjjDywsMTelXFSwckd8wjGfZSLLHfIw69EAedzQ3YTgb4xQTgznJgzdsNB-yZriBpshOckmAqyI-nSrYGyHUnUamfHYVOPfDY3QsKwyEeLblB0lB5v0Pnrku1KDrWdAmdtnOc6It6MY01bVp-sz2cIfQANyFgaZ-X9cXUxSyssNb6GocEWqVi78slYYtwMiESpAMT9_W4pZrYF8Z-yQl0rz__USFwWJhlhX88MFkOZxXYxlLl__CUNgEkpmJt5TMu-x5MDaUlzcHtcfY-IehMnppGEZH4Eu-KKH1fFvKUtuAPGJe2p7UldbcFVSAVSJQFE35_yLJmRdk8Av412vLdzPu8m-oAOQHM6v5gw53rziRr_CXDg2YM3SW9-sW3-4AGeG82ywBfSWF8jfykYAx97znMjktABHmKzQsEE1LqOUbDq6d7uLYFiVUL-j0L4nu-z5si0jPOQgZRU4hkGIoE1F2xzShFdD_Chc3rCY7P1azF8k2FiNho9maiCy76l4L9T9QsIVA4SaU9cxjgkym3M6w537L3w1PWS2qkygU8HbZdw0whK8x9slaeh60QrAaHKEwdrgngioR3rn-Qr74-ikk5tUtiV1R7F3JPqhYYGin8zOphsXCzzi7HeqlhWKuHfL69EzwwAxVjB&cid=CAASEuRoFOxoBqvRlGZce3Bx7Gql5Q&rfl=2%2Chttps%253A%252F%252Fhellosehat.com%242%2Chttps%253A%252F%252Fhellosehat.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:17 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 409E 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 10:31:49 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 802B 0
23 B 42ms
41ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 647C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1

43 B
61 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNUoEVd18gr5zE6Oxw_vtBrL6xOjjot7nmmpcLQ-XsXpl1hgko0RbsQR7RBGuBlRGBNK9-N3jzCQlAFmBXglsTyzmp17Dx0ZPfPN0e6Wg-43szjJqOKMMlGCvBIzbuhT2eoPj_tfpYCFPsuIdDHBd1qjy2qltBnIGnuRpJTOJQRsK8VlEgU
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEyf9zN9GhlnfBV_KZm3ixg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 647C 43 B
75 B 17ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNUoEVd18gr5zE6Oxw_vtBrL6xOjjot7nmmpcLQ-XsXpl1hgko0RbsQR7RBGuBlRGBNK9-N3jzCQlAFmBXglsTyzmp17Dx0ZPfPN0e6Wg-43szjJqOKMMlGCvBIzbuhT2eoPj_tfpYCFPsuIdDHBd1qjy2qltBnIGnuRpJTOJQRsK8VlEgU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 647C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1

23 B
172 B

57ms
57ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNUoEVd18gr5zE6Oxw_vtBrL6xOjjot7nmmpcLQ-XsXpl1hgko0RbsQR7RBGuBlRGBNK9-N3jzCQlAFmBXglsTyzmp17Dx0ZPfPN0e6Wg-43szjJqOKMMlGCvBIzbuhT2eoPj_tfpYCFPsuIdDHBd1qjy2qltBnIGnuRpJTOJQRsK8VlEgU
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Nov 2021 10:32:53 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELZVR9J_4k1caOwrjHso6TU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 647C 23 B
172 B 54ms
54ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNUoEVd18gr5zE6Oxw_vtBrL6xOjjot7nmmpcLQ-XsXpl1hgko0RbsQR7RBGuBlRGBNK9-N3jzCQlAFmBXglsTyzmp17Dx0ZPfPN0e6Wg-43szjJqOKMMlGCvBIzbuhT2eoPj_tfpYCFPsuIdDHBd1qjy2qltBnIGnuRpJTOJQRsK8VlEgU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 29 Nov 2021 10:32:53 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CD6D 0
0 62ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1785235415665783&rc=
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4919 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Nov 2021 13:26:12 GMT
expires: Mon, 29 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 76001
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 802B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67fd6a2020a7402397ff5eb19e0d7174a9c156bd716a67821262ea17c41aa3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame B970 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 744E 0
327 B 312ms
101ms Ping
image/gif 2607:f8b0:4004:836::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kwkj908t&c=2114026669966&slotId=1057013334983&qqid=CO7HuLSvvfQCFckt4Aodcy0Jmg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:836::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 744E 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 405394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 744E 15 KB
15 KB 31ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 247985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 744E 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CIXxUVKykYe7NJcnbgAfz2qTQCYvLhtxm-IyZzOMO8C4QASDrnrdjYJXikIKgB6ABwp6ElwLIAQWpAj1RnsSV_bI-qAMByAObBKoE6QFP0JG_Rtm0gznmqsa0pFr4aM0kMyqfa7IcsT1epbCVmpvNV_V9lJQ9upsJVq-_cK2C4QnIYIsj9j2T39QUjhP-jO_EKqdDYQb8I9w89uzzzU1COmxj3oywRnFrZNNQAg7QgolmQlZX6ypsDTuEYxUB8LQ2xEK_rb-sGkwWkIY0WYSo-p_zHC-YrlpbzlUF4nkLDXTy2vViRXzy2qp923UEh7necILZwSoGb3AM4LT1WK_BhOqPFs7W97AgLnYxFiIyl6n60d06Sq0gYB04_e6Km0eItvrhv-lHD7ipg6hGTkb0TK-Hqlh7tcAE1-K1s-UD4AQDkAYBoAZ2gAem4fvoAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAcgLAeALAYAMAbATgI-wDcgTmqro3gPQEwDYEwqIFJ4D2BQB0BUBgBcB&eventType=clickstring&clientTime=1638181973121&ai=CIXxUVKykYe7NJcnbgAfz2qTQCYvLhtxm-IyZzOMO8C4QASDrnrdjYJXikIKgB6ABwp6ElwLIAQWpAj1RnsSV_bI-qAMByAObBKoE6QFP0JG_Rtm0gznmqsa0pFr4aM0kMyqfa7IcsT1epbCVmpvNV_V9lJQ9upsJVq-_cK2C4QnIYIsj9j2T39QUjhP-jO_EKqdDYQb8I9w89uzzzU1COmxj3oywRnFrZNNQAg7QgolmQlZX6ypsDTuEYxUB8LQ2xEK_rb-sGkwWkIY0WYSo-p_zHC-YrlpbzlUF4nkLDXTy2vViRXzy2qp923UEh7necILZwSoGb3AM4LT1WK_BhOqPFs7W97AgLnYxFiIyl6n60d06Sq0gYB04_e6Km0eItvrhv-lHD7ipg6hGTkb0TK-Hqlh7tcAE1-K1s-UD4AQDkAYBoAZ2gAem4fvoAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAcgLAeALAYAMAbATgI-wDcgTmqro3gPQEwDYEwqIFJ4D2BQB0BUBgBcB

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 744E 30 KB
15 KB 56ms
56ms XHR
text/xml 64.233.167.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CU5AQsW6b8N7qx3z1TpBeQUItxmBhiH1ynzgMUm-UHrAifiuoYsYsM4nWQ9kF4prkPqXDvBGsIfNOX1dLEnuz1smadAA&cry=1&dbm_d=AKAmf-D0gF6YzJ6a_34bvW2H7uLT2azzqC2ERkee4mh1Qj_DeT7BQRNL9h-zs7anJEm6HaV-sfPT--0Li5pqgVyqp0gjzE7H17Nrj6qzKTDDLyPHjRxJoeod0Rk4S0PJagQC5pxP6-WBfhgGmH_hB_sLJFa3ZjxjItg5l-hisBIfnYR0vHETIdw04D6WyGocrnQIbFaIrfFvTMq4y69gzLC37pQpIKC146KmNWIByji3M_PVcTr6HaAUxu6xlDBpDdQFFL4eiv3i41PXvkofaVuqa89UY5cz3HMD4CuYqmnAjwLnYpbnW89jlneFb-lBFDKIaOJjfLDe6WYW0w3MGPpRCG4qhIFQH_UEnsIEEo_tlUX49dfQUU9NiaJwcoUuoNrlNHEXvxTplYieJmp5Ql2tuJXpqr3_P-wwKYJc1oikCJHBaP4Jo2Uk2FQoPkYZLH9LFfvAxNoahET5HELFenMJdYApQxXKM8CHNoJ2O5oYkW7LToj5xIpVA1ZMmJmgSB33E7lQKN5iPnGNajNmbma90rZ6ipxhbX0YpG4DI5ohBUovn4JPJH0g2sMwVcy47H9im8bwKP2S-S7MMaRdoIsa-b9z96aHchBWtlVhSFyspb2V1PuxlIWsjbgC8zX2dkBLNlzAnuQsrL19ra3t8onuYPBHXSwFBpF4lf2kPf6OqmLNttVBmJ6Ka4MiojOzxp1KWiX6DPpnXS1uIaZd65ekZ-wp-YJD_YERxpoWcRbeoyva95_AMlyKliiIjJJX6PHgkxiN_6yIpoPtWV9sUKZrrGYFxF7w9eY_2sTFdk9lMFmFj2xtATZ9cMV9bnB3PG8tBLSjshsQxcQPJVP7Qn1OnRsjMlBnKfrb8PKrRJqizDHxH8_7KApa0NUaSaA9sKt756gBYI1PBLUk3w2QnT8qOvo4sL9FSELlSf4LOXiH1nkMxam2iIJ4lBe6yCrWkO5_JUv8icv8bS09NEQPGeRr21iYElJnBc5UnASY0tZZ4lnKqcamisLOHqeBW1QBOvDXVA71upW2Xx9ouw-nbWeR8Gbl2kvQNUgfYGPTa35ZxeQqkIy1m4x6KL2o2QlSxpolVU2O6owPv9Cno6GEYfx77wohViKg5HsIyKxKWd8gtrS0cJK9ttFrTaN7JdsZKF6GFrqosy3rn7VsLHiSgfDXaTRUuhNb4jNePhKJEKV6wSEXJTap9dE8p4qkxkx8Pf8cv0bvXRx2qJTSjJDJ4g3Z_5acTStFoA8g4mYcxpNbKf8KXwt9-iI6hVwqHuGWLl3SFpCRwK8cCDAfozzKKRLovYOZybWDG8KmXSs7vp1EfWiOrVvCj3MKKKoQ1j_q_WcEsgJuVyLK6nkc3GL3tV94T8wnzrthAFT7Umn4jCOi79Xv_3sSyxcy99ySHVyd2JkN1iMCWCIF1BBgl3L6L3M3D4-hfsFM6tcZiEmEWWAhzyEOM90J6Rul2Y5_eXbPMMWCNAPUcePLXniA5oVZLc71tdx5waCPS4BVN5_SpVTnLT-CoSz0E75BLOoq1cnC1-qbtvRslv80reDN3S1GDdSZNHQ0FzEnM9W_wUQ86JBwi8Y2bJPxDJBRnMF9oeyEp3J0CZWqIVgxGGxgRyLBNWarlj0U3UujASpu_Wn-ZlB8I8zOKS7tYsRwDV0ao1DgzWTASGRNURqLiw8hHmBfV1bWRYeFt7995204fmWVFQv165JaXh2nkLz79Rw_ULKFU8a4gbETkoAOsMGJTmy2b31_Vamrs2ZRKnTMH0Xi4ugWyDuc7B1cwa-XgJy984Nz6lCAmjHNRE-xDA2AY5IyOPjHayWWztkDGiAaSLsGWfmzvIOPdt1lf8Un7n9MiUTxaJ-zhZR5hq_geiTstWytgoiM5jC_ZS1W71_I-sm03u1kY1AFiMjY_giMUdY7ZZgD_yQ2HBKPo-FnaObS0YmYESRR7BzVfoC0q0ErCtVAMoisYupEtNekH0oLag9Pacny47EH_X4jqy6q47yy6bkwDC-Tmk2zauEDZn67gpd6rtm6R0AMbu-83knci-1iIEM_SjClr8yf7Y9ywZZOFRlPmCkkpN4yNTzMDcTrkEaa1JLyYLNq50sDLUe6ZxbTUUv0v6ZySA-RZahDmNafF64GVE72amLuXh3LZsaqFLZ13vFXm2QgtVLfcXN5M737_pL9MnH02aaGsiTtaomBhDsJQAIdedm9cBS3lxmZT3TYXPvYbbTM7ApTuj0guLGfW5S7pqDRN5zIwrxpON0TXJJb7m0E7ZL-CueGlUhs3gyMWxcRMBTnLpy_KbPtL5qGHDJv3tMRXCpOkxeltIzDIuQC7pcPraLi2vVrHq-DaB4Brs3DXH5u5UnxNIQS0dAMTxVpHJ63zeTmdTTpn_-6eCuYFPu5Oai-QM7lRu-8tj5AOenGB1-06Bt2isz5LPWCIBINekQYXVWEIldfchbdymhrmhRZ_alJtpQ6p5p67DJDmjFkucKZq2ToB-NMFMGkbvyrLXUtmjn1JVj-U3R0Q8ELbXevSLWP9JiiA3aS2ugBV58HHlIno0zjPUzSoimw9lPxk6T2LbyKzusIzutbVONWXQtTTCEbTiT7jra3A4MR2mUstqLYCRelw5tFAmD71saNIFbcTI3bqtB_tt7xmcR2wDKCjZDoHrO72XLV-bRdGgR3R6iNphjpFAyuHj69voFS66_NMaWy5N6_DJSeZpJIJtu2-MNz14dZbJMWFrP6mHupGnJ-sOXPiFTQGkBvAmun6PTyApkV4vtT_wLeSKl6tBrL76iO32J_idv6fV4n5B-J_JPIJXq7pQemFU0kklQRKdm8E4gLRdE2pN3BDWUTRzstnti6GG9Q2535fpzPMSGsWAEHlYC3yRZafEP1DvanYydpaE06zpFdr7hk7LkTsASqrzHEZODOg9K_YK8f8NQkkQnKWvyDazaW7M1FGjhzM1UlQ6l7RtuuprjBo8wH9ob6u9kdCCp7bekjR9uZ0JHEPfvcRVKk0ltSls5KrbkKRUSCJ-FeJ1NNC5IZ7Cjivwu_YhoCrFnMz45TJO-uht2Qu1IsGb6BAI9XgJF1gLWBrtNnMz6KyDcE9iOo9aiGthZ3CobziZ0oJJHVBF83GV0IVAMmvlrvt9MGsca14_OEyy5Mk21H51QaYA9KdiERogG_GrEOqllQqZ6ixaFuxell5atfb8gZP_H4EBM581kRvczSBIkXaYdIk58df956khLMDYuqtpX8vdDI9nIVtTBeKFx5qIsU-mGF97VB2fVi1OYxIdwL8iTbQReAPnr7u_u9I0GPce-OaJKJ6SbCcoiBujqUb6btC0aP9dvI64UiPrmgxnlpldVkttPM9dhd9cJY0uv1pjF34Wg-BcCpDC0S4DsW2UNas8K1W15zB2P1H10SkJOJ6zh9v2Sy0WCqGAgVrYNXs9I3S7xZ1VfrcYkLnglGlY_mq_4&cid=CAASFeRoASrQqY90y3b0Nn5aw19OsUlg3A&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f156.1e100.net

Software

cafe /

Resource Hash

7f48b7b7156dccf8254dd1d0aba9f2a2adf2cfd51863f68dca712c277f471eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14828
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 744E 0
0 44ms
44ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBsLOVKykYe7NJcnbgAfz2qTQCYvLhtxm-IyZzOMO8C4QASDrnrdjYJXikIKgB6ABwp6ElwLIAQWpAj1RnsSV_bI-qAMBqgTmAU_Qkb9G2bSDOeaqxrSkWvhozSQzKp9rshyxPV6lsJWam81X9X2UlD26mwlWr79wrYLhCchgiyP2PZPf1BSOE_6M78Qqp0NhBvwj3Dz27PPNTUI6bGPejLBGcWtk01ACDtCCiWZCVlfrKmwNO4RjFQHwtDbEQr-tv6waTBaQhjRZhKj6n_McL5iuWlvOVQXieQsNdPLa9WJFfPLaqn3bdQSHud5wgtnBKgZvcFThFulQlVe2eBD9SMw3Nnq1nDOJyF46Yph8PkhUp4NqNCAgbniZ2EBp7s-nWvLc2gRqeVJiXmmSMZ1qwATX4rWz5QPgBAOIBZS1woA5kgULCCIQARgBSKj8pQGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB6bh--gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ1ZMpGInHqbsB0ggJCIjhgBAQARgdgAoByAsBsBOAj7ANyBOaqujeA9ATANgTCogUngPYFAHQFQGAFwGyFx4KHAgAEhRwdWItNTU5MDEwMTk3MTgwMzA3OBjhtGs&sigh=RRJt3XIdLCE&uach_m=[UACH]&cid=CAQSPwCNIrLMmzXEhf8c-5RPdqvzKeB3EEQ_3zeqUdDHyXZqeSjXGPqH0RHJtNB6-7wTjWSXbQpxVxrzwYuI0EEnFQ&vt=10
Requested by: Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 744E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e9eaaf2e35f73ede028e48ae7eeb24323471c33e4924d1ae0bfb0c9f22e6b7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD2 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3209391782315946&bg=!CAulC0_NAAZQLpa_UC47ACkAdvg8WkDCH8AlYd0WRl7lC-dT5SywDY-SSjYdSEa1kZPbTQh0hCjGlAIAAADWUgAAADRoAQcKANGYiG5xmdwjAXAxESTCsRyA8sHglU88Q4xIJ0afC_HxJwFG7SH9uzzObxXyeCL04U1H_a1WhUHB0p-SqSVcp05fAFZLQZiI0h-aKEa_I39g4CDKiDdbPhTyWED97xqiO1IwKmEnWgs59AxFTXnCm-EpiuCyZmopZr8VXvAQEKzW-070jNsVCnadzBB9vRLVp-HAq38We9wEhSE0QKLpTbYdHBsUC3WoVl9Qp8L4ITVeP5BCULul2QyK5TqkQomYwl9hcQR4mFKyDY3RlLueoJ6DF5kCqIjTIPYtd2Kw1Ts3yoi8hdBKUlGzqeX7sUYbWilDVd115UYa893-S_7VTkwKH9O_fAki9VKPHiWE4CUq7QgZFdEWW4Bf8Leq9no3A6GqpPvU8tsdVkFaoVw1rCTPblxdezdnDpxzfxR4HL5vh_PgS8wlIDiNKq6mvA5EzMksDeFOSYEEeCFyWG1p4fLwqa60CdVqjQnZddPoTATzvs-jkFi8-w2mE18qXeIRPMEy998r-NHKFsFBd4lQPwZqLPr3A3KkHzNOhqvr3g4hpLrzhTuHiq7jKUZFAk3QTiMxUrDnRc3iSY9TsnW2zjKM-t3M72r6VdcrYAev7agdxp1y4okdBTUAxfZpZUAKbXzIBYXlrmkUVUUHDpaIpEy2CfBLoqRekVlYbk8Szjfb7PLMUv56hKpLVVKGRfNZQSV9BsQ1yqJAkigoJD2bZEYb7VKGcQR6h_Sbv3ud7kix_6VBm7dBP0Mh2ioS-9rD0QsFiV130UdFEloRyN1JNiM48cTsFjitnwZIhDMkfrMrY3rU5iEvvN9bO3MjqOpOR2KUAI1_O8KDWv0R03bGVFW8tcx9SwhPLJC-63nZQd0nv_34CABSSsB0JIbPsipu6lNHrmlsmt12JDRLLom0T21xBBtVFXeOy9KpQT617_S5oCaf3OvN2OnGKtW3xwHMg3yoNNXMlCljDIw1A5eAuUP4Ia_G_lzzLEQIVs-H6wkxU0wsfUHal_aOleZlRAiOUOjGfgKu2LZs0VMjRDcsgBVp8Dftc4J6fKcqo6pzXzAbNrYpUR88zll05vqLDfNHpggGpG6tH40F--yCctNmcGDuKpRLaSCehcTc-Z5JEmceYdS2mO8r8wu_OjzmsbtDui6UAIbLroZLHvJr7anYJPcL_vh8YwFaLwZ6S_5r

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10854603187357092472/ Frame 7A5E 11 KB
3 KB 10ms
10ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faee908c3c6c520580b45261c3453f787874e263befbed4a555741be85ea548c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3342
date: Thu, 25 Nov 2021 15:48:12 GMT
expires: Fri, 25 Nov 2022 15:48:12 GMT
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 326681
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 409E 0
24 B 50ms
50ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCdDgxe1n2EpiMhNbdovi-4zCBfqFIcKePyRk2jq0g562BKNBDP2Ou5NJDLEsmwqI9-GozuyAAcaq6od9zNReAMdDVQL9eLr6qF4mZu0-e22PJ30OIWFjGpQhW6zXYcvTe1KItO6U_TKGi-d9G5F6IyRE2ab9JoOrHjU5yowLCbA5WwF4d51Chd-xBe1-8PeUA4S5LsepKB1v5gse7xZudRpDW-1PjX_O-s5DrcQ77vwIkgw_7dDZVfWhR94gCrgL7uWaBGbvTyBTrOn1x_NmrzHQBjLcNaepoM6qRIXgIDprJOr_sxUovpJCIso_RO--SX-URDZK-T74m4ddscWXSpeGvvgIExQoq1L0qZVunBqoqC6r0cQXT9N3HIJybI0bWAZgtUtifsypCw9Ts1MZ1wq8NXDrGqY9KwZViWZRTTcWg1NbztYfmsuaJYXSYRogR40FC71zpga1Qy3VDWFq76OyBbIO11U4F7GMMDrLXJCZHHD6PaFBi5qjboI8yrD37PMo8vao5FbBzTvGfybyBS3WST1QlEu8qBqOX32h7GC2004oF3WJDdYslr_PNprKdErUiQZvaEtoyexWW7YX0VyA0oUIR2xMsB6l_l58qXoYRBPnoVoWAmnMWzk25DeTKGI22WF0rl3B7Ut8V8gI2KXWC38LAdsknZjeRVgIoj1akyUg1hTEyhAuLgQW3burOsabAHZ3iF5djaODgNJrY4joilFVciG0mblhrA3HTVM16EOnbGgPRWxDokg2jCWOyK6PFsHgWJpEkbpfu-2rd3beIhehT1p6KZko4VLL3vOerI7PX0BKKTjohF4WqiorvySmxst6yXoKDT0ux9QqlVJXRFd25bblU-I9zVFGksDQanGg9di75Pfb5SxFEX4rOOYGau3xUcVtG8EqqZb1mu6bQo-sFkNCHxgtU4LBzxDD0fsqFx3uDxKfZSFCAi6Op1l_nOoK1BrGqZsExoRpFcKQl6EN1lFfTq-ncRFExplxAHvoXE0QQWlrr1ckhXXP7agnFWXlLIw_OCeUAtO5kssw1J_HPEMxiHgmRUcvd3JF8LgHHs4aLM0_k5ltEJlyWGu42ad1pJYfc3ON17PtIXi6n6p4cipfY_Ze76QXoh64zlvDv56wAuaJYur1zAvKfzIM1QQXN7iGKfQbso0JB9pjrCd588Y7HMxr04IfTZGK6uVx8eNekXrg80Mj6mcRjlv77GSLNsfSA12XFZbg&sai=AMfl-YQMePXQMhGWvz4lru-HDduTeKeMCa3Qc69dFZD07yVoZg6nxY-gxAb44ylB8bT7lhB4kc4ew66_zFlr3Et_0x07vBBQVdSgXSx3LSx-yw7qFvZX5RKDek--Gp3KM3-Sv79CPKxO8iE7gK2QwO0g3f929HCZhQ&sig=Cg0ArKJSzK3ImWFIiFZhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&cbvp=1&cstd=132&cisv=r20211111.83455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 29 Nov 2021 10:32:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 409E 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
URL: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
DATA 200
OK truncated
/ Frame 409E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d127899fa77adae7e7bb43caa02f75edd8a56ee6435e80a051e62632b7b4c9d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame CC7A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 744E 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 24 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 744E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

52ms
7ms

Fetch
video/mp4

2a00:1450:4001:1d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/445969E527DC7C515E7F0FA0C2020D74DA541EED.0C50142032B9BEF93AC593A77994CD4242A91574/key/cms1/cms_redirect/yes/mh/y7/mip/2001:ac8:20:90:13a::1/mm/42/mn/sn-4g5lznle/ms/onc/mt/1638181476/mv/m/mvi/1/pl/54/file/file.mp4

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:1d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 10:32:53 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2185448
Last-Modified: Thu, 18 Nov 2021 13:11:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 29 Nov 2021 10:32:53 GMT

Redirect headers

date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/445969E527DC7C515E7F0FA0C2020D74DA541EED.0C50142032B9BEF93AC593A77994CD4242A91574/key/cms1/cms_redirect/yes/mh/y7/mip/2001:ac8:20:90:13a::1/mm/42/mn/sn-4g5lznle/ms/onc/mt/1638181476/mv/m/mvi/1/pl/54/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4919 35 B
463 B 38ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJuLYPL9t4w7LuKRkav-g3M&google_cver=1&google_push=AYg5qPIUg88KND0S92e0ZUqpUP2wLYsM6et68Jq_hys4IYxkcnGDfemp52Fk1YVVVoY1mapeEgTeixQjT9CwjoYWHcJJPnJv04Q

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4919 0
141 B 46ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFPgZib5Pdh0e8VXFoYOM6w&google_cver=1&google_push=AYg5qPL8P5tNivkiKW5dTMd7RadZSUns5HclXhdGBy07-QMzkO9WrCFIxScdeZZfvcgaN3OcBe8f61L3TC9i-VZ7dK_uPmSCcg0
Requested by: Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4919
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKDOSOW57S3cd73sHJCZGUc&google_cver=1&google_push=AYg5qPKevnMH8Luueh0w-fD5Q5hkLc6RE9e0dT9WxxpGrwMcY-VtV8LA0wQ58ud1aO1G5LyJu8QpjVHHopJx2O...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTkzNzk5ODkzODU2ODg1OA%3D%3D&google_push=AYg5qPKevnMH8Luueh0w-fD5Q5hkLc6RE9e0dT9WxxpGrwMcY-VtV8LA0wQ58ud1aO1G5LyJu8QpjVHHopJx2OYG6d...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTkzNzk5ODkzODU2ODg1OA%3D%3D&google_push=AYg5qPKevnMH8Luueh0w-fD5Q5hkLc6RE9e0dT9WxxpGrwMcY-VtV8LA0wQ58ud1aO1G5LyJu8QpjVHHopJx2OYG6dwx3ras7A

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNTkzNzk5ODkzODU2ODg1OA%3D%3D&google_push=AYg5qPKevnMH8Luueh0w-fD5Q5hkLc6RE9e0dT9WxxpGrwMcY-VtV8LA0wQ58ud1aO1G5LyJu8QpjVHHopJx2OYG6dwx3ras7A
Date: Mon, 29 Nov 2021 10:32:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4919
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMlb0XpaGytRwsjMNZvfIYU&google_cver=1&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXq...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEMlb0XpaGytRwsjMNZvfIYU&google_cver=1&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXq...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sQ1E_x7rgY4hwyr2NSDb3Q&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXqvODOxZv2RC0RJe1gaQvx...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sQ1E_x7rgY4hwyr2NSDb3Q&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXqvODOxZv2RC0RJe1gaQvxInPcyi3D45oDeMru1Y

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 29 Nov 2021 10:32:53 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=sQ1E_x7rgY4hwyr2NSDb3Q&google_push=AYg5qPIywvhS4Nz7tA72DkcOqbvV1SOqEWynYsNpEZGIytQAuIv4A57qJgnXqvODOxZv2RC0RJe1gaQvxInPcyi3D45oDeMru1Y
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 237

GET

pixel
cm.g.doubleclick.net/ Frame 4919
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEAsN8ekX40RmouUkQ-X62yg&google_cver=1&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mc...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAsN8ekX40RmouUkQ-X62yg&google_cver=1&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3o...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3...

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 4919 0
75 B 2330ms
2266ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPmvRkpV7r_aQlo-Tp8_6h0&google_cver=1&google_push=AYg5qPJQrPhllCJqj0ALjAznOw_O0hMPII5Q3Mdxbq3b7lsLSkYbmd9A8bfWWVB4cJX82IMNLm8w5bl2wJxzstqGcrExqLLVTYY
Requested by: Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4919
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInKjIEnMs4GlzaQssYEVKE&google_cver=1&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4i...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEInKjIEnMs4GlzaQssYEVKE&google_cver=1&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4i...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdG1KOEJKRTJ1SE9iM2xTSmg4MEdLSURZaUJvLldVS35B&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdG1KOEJKRTJ1SE9iM2xTSmg4MEdLSURZaUJvLldVS35B&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4iuxRq__Tf55hO2KSXFozc1v0ZtO

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdG1KOEJKRTJ1SE9iM2xTSmg4MEdLSURZaUJvLldVS35B&google_push=AYg5qPLpxaPf5h67p6pQ8AS5_PUAjPVy7UpXg86d58oqLVC5-r9MFbtW-WBKWGzZHHx36AXQ4iuxRq__Tf55hO2KSXFozc1v0ZtO
date: Mon, 29 Nov 2021 10:32:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4919 0
12 B 32ms
31ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfnHTPwmp0yN8ku3XhKM8lzBnMHxdMW_xpuiZ6etN7m-VNHCXj3qcV1tkZ8-80nyfV3jx5Yg

Requested by

Host: d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
URL: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 9 KB
9 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 11 KB
11 KB 9ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3845869a51bea384409c38e0b428da617913e5557f12001868773e75a0836bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11369
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 12 KB
12 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90522800375d2af39a942f1b7bba8c525ce5926ad91b6cc273eb2af6acfc18f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12212
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b13fb32ac97aaa547176f77229f00ec488d14fd5cc823f395f722deb56766f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3177
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18704e6392962f33591db3d201b3f4ee70a07488fb319d44d3b2c25e98a4dd78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2365
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 4 KB
4 KB 14ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ac160c9d66dcf424c5081e906f9860b52a432e980feb72c319119608db7145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 4 KB
4 KB 12ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7A5E 113 KB
38 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Nov 2021 10:32:53 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame 7A5E 2 KB
1 KB 10ms
8ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 15:48:12 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 08CC 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 251087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8378 42 B
64 B 42ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYlCovTcmTyIn8H8u0MW2-mwzcm5-R1ZH1O0cHiQev9MNIQxNGcyNlDtk8ax8-UFN0dJZ2-ZhztOkFFDqrZ93FHLf4SDZxjq6mBgb7l23q2FqxTb1H&sig=Cg0ArKJSzOQZwtYdyIy5EAE&id=lidar2&mcvt=1018&p=1005,800,1006,801&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=39465523&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638181972158&rpt=108&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A2E2 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 24 Nov 2021 17:50:29 GMT
expires: Thu, 24 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 405744
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 409E 0
23 B 44ms
43ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCdDgxe1n2EpiMhNbdovi-4zCBfqFIcKePyRk2jq0g562BKNBDP2Ou5NJDLEsmwqI9-GozuyAAcaq6od9zNReAMdDVQL9eLr6qF4mZu0-e22PJ30OIWFjGpQhW6zXYcvTe1KItO6U_TKGi-d9G5F6IyRE2ab9JoOrHjU5yowLCbA5WwF4d51Chd-xBe1-8PeUA4S5LsepKB1v5gse7xZudRpDW-1PjX_O-s5DrcQ77vwIkgw_7dDZVfWhR94gCrgL7uWaBGbvTyBTrOn1x_NmrzHQBjLcNaepoM6qRIXgIDprJOr_sxUovpJCIso_RO--SX-URDZK-T74m4ddscWXSpeGvvgIExQoq1L0qZVunBqoqC6r0cQXT9N3HIJybI0bWAZgtUtifsypCw9Ts1MZ1wq8NXDrGqY9KwZViWZRTTcWg1NbztYfmsuaJYXSYRogR40FC71zpga1Qy3VDWFq76OyBbIO11U4F7GMMDrLXJCZHHD6PaFBi5qjboI8yrD37PMo8vao5FbBzTvGfybyBS3WST1QlEu8qBqOX32h7GC2004oF3WJDdYslr_PNprKdErUiQZvaEtoyexWW7YX0VyA0oUIR2xMsB6l_l58qXoYRBPnoVoWAmnMWzk25DeTKGI22WF0rl3B7Ut8V8gI2KXWC38LAdsknZjeRVgIoj1akyUg1hTEyhAuLgQW3burOsabAHZ3iF5djaODgNJrY4joilFVciG0mblhrA3HTVM16EOnbGgPRWxDokg2jCWOyK6PFsHgWJpEkbpfu-2rd3beIhehT1p6KZko4VLL3vOerI7PX0BKKTjohF4WqiorvySmxst6yXoKDT0ux9QqlVJXRFd25bblU-I9zVFGksDQanGg9di75Pfb5SxFEX4rOOYGau3xUcVtG8EqqZb1mu6bQo-sFkNCHxgtU4LBzxDD0fsqFx3uDxKfZSFCAi6Op1l_nOoK1BrGqZsExoRpFcKQl6EN1lFfTq-ncRFExplxAHvoXE0QQWlrr1ckhXXP7agnFWXlLIw_OCeUAtO5kssw1J_HPEMxiHgmRUcvd3JF8LgHHs4aLM0_k5ltEJlyWGu42ad1pJYfc3ON17PtIXi6n6p4cipfY_Ze76QXoh64zlvDv56wAuaJYur1zAvKfzIM1QQXN7iGKfQbso0JB9pjrCd588Y7HMxr04IfTZGK6uVx8eNekXrg80Mj6mcRjlv77GSLNsfSA12XFZbg&sai=AMfl-YQMePXQMhGWvz4lru-HDduTeKeMCa3Qc69dFZD07yVoZg6nxY-gxAb44ylB8bT7lhB4kc4ew66_zFlr3Et_0x07vBBQVdSgXSx3LSx-yw7qFvZX5RKDek--Gp3KM3-Sv79CPKxO8iE7gK2QwO0g3f929HCZhQ&sig=Cg0ArKJSzK3ImWFIiFZhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=396&vt=11&dtpt=262&dett=3&cstd=132&cisv=r20211111.83455&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 206 file.mp4
r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669717973/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 744E 2 MB
2 MB 17ms
7ms Media
video/mp4 2a00:1450:4001:1d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
URL: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

64f92ac5b3e5e53a9fbe7815fc07b9c10de1e6489f1c020041f543fb1c84ba3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2185447/2185448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2185448
expires: Mon, 29 Nov 2021 10:32:53 GMT
last-modified: Thu, 18 Nov 2021 13:11:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 08CC 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H/1.1 200
OK affhb.data.js.php Show response
hbs.ph.affinity.com/v5/hvr_man_hellosehat.com/ 37 KB
13 KB 381ms
130ms Script
application/javascript 216.139.248.131
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/hvr_man_hellosehat.com/affhb.data.js.php?t=291010
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/hellosehat.com/1614856472/v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-131.aus.us.siteprotect.com
Software: nginx / PHP/7.3.6
Resource Hash: 7f0130f24540ccb1db627505148ffdccda33f66ddc00dd3607d59c6d65e8c366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 29 Nov 2021 10:32:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.6
Vary: Accept-Encoding
Content-Type: application/Javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: close
Expires: Tue, 29 Nov 2022 10:32:53 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame A2E2 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 06:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 06:48:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DD2 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu23GNZmuREtQqROXR-xBxI3XJba_D5TkTQUc8P8qSwmAARhFDSBr9NAIc3KJqhdiGAu3WL7j654es05_jgspALTqz_bC4E9O1IcskYK8wWn9rZ6Gk6&sig=Cg0ArKJSzAEezmb-7hDEEAE&id=lidar2&mcvt=1028&p=1006,436,1096,1164&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=661055900&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638181972288&rpt=193&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A591 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgQ0uVKykYbrhLNnu7gP15IXoBgAAAAA4AeAEAg&bg=!ycqlyo7NAAZQLpa_UC47ACkAdvg8WiYlMnhgIdyjePc42TyL_L1n-qmImBAlYx0Zuwn0Jv2jKJTt4AIAAAF5UgAAADNoAQcKAHDS6X4HKKALSLY5IXqLlZLv8RHLKkUNq-MVwEacepneuOdJ1OByDDYIk8tnBM95ZA9fbTJJw_KAfYmQ6Cv-dK5mLhgmc82pyXep5W4ICxBVk5UOCvZQDLlrJHDSMMz8_S7dht2dV6LUs7M508lyxlaUmQLKraPfmb_b4qfA-HwWxL8Zq0Ikz4wZict_8Iy4MHopdUsB_J3mfJJ74oicGwQDEnllY2MFiuCho1kBccG0fDSUYO3R3Kkf9LKUAwcceV_PKEw_g3yB2J5IVfLwQeumvHlMkWTZAwibsMgcydBQjrHBJ5vrWBUJZoNm75z0F6A1Zw4l9d24Ue1w53Nw73M9qk8xR-C2Uthu7-unxNEg97F1FzmTJ159MvKVWNb2zXPLTD9yrf3c0JVZAMiooqkrK6LXm44Dyd3kbzwGFB1Qwp0d9VA8BiiD2BO_19AXbpe6-AetqZgrTHOUBRgDPLeLsFr2JjoOABDURl6xTX5APBujdaxLBXAdhKc1atlyo9ceTjGPRVSovYalCLXjnJtkuPcRnDGJUSfI1DI95V-o7V-HLPq0LY6z-E7yUisAc_uXw70cud4tomrksUp5IKPVyn3drKQrTOfOQdq2loY58EHz5GOiWxItjnr6zeFgUArGDyk_YS9-qasG6yDqd0Nw24pjzLv3cHqOUsh1yli2l_jKjtMxppDGmvG9k-M8FG6bIFd54hV3OedCtkLtGSB6Esq96GVXJea0hLa-vnnp-1TBFSjKpldn5r3wsK0NPd9-XMhumhK3O4_mTqNWGGDa_XmN96x1tQCStTZa4-3cwVL2uz9YcZU7uDdxGMiHevdOI819tP93_vSKsBra0t9H1skPxHC733boO0iS3K9RE_7wwa6CeWimgKeux6e5RVTC7DuVGuVUdIuiEp4QmzRx-jGvuSwD_YkWYXowx9nNqV3mfW2QNwxwXl_xkzjsznT8wsa_RM4x4L-shw2T3jryaKL5b65m9SLH1CiR4D3pdFlL2Prmdcy6QELK8-f0CKMKS3R4KQOTTdEzpMD2wxVwX8XcH1c2tbC_901lyIJBw222VZQmSgNsx9spLj3SW1GRmx6SfDucpvf8WXJS

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A528 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1785235415665783&bg=!7e6l7qrNAAZQLpa_UC47ACkAdvg8WoqnAyHBl6Ah3lkvnk9CsO5bg9GhoE72GcwCFkR5RJVqh66ZGwIAAAEoUgAAADloAQcKAFRaBF-qLPZ9tN5QNhBCZwf-0wbM_E1kr0x7-pQr8qTFsImsDqE5TMlkCV_D0YrszMblJ-SyhK3dmfE01NnNES2X3wRrse70FQFcOdm8G90ZDV7CQCeZApK7hC0g3N3E6Ci42-dLTPv5NZFiEWBV7HRDul0cKcf4Z0t_P1sESzSBzBL0wRNyPXYJkqiiHdaloP7TVg5fiGF2NnRFI4IEMzJGA7WkLUAGvKU5vbdrz3PRNvowYSuBHZNJzR8peiAkQ4nVhu8W0INjFxixeAaKbWxgrpeEBnWMfqG0ZDjbNy-I83LMvg8waBgZGOBDQDdKeVE3T2p-VPGw97Y3Lcodp23Z27W8UPpCOTMToypxEOQ_IuBVTXjaAE5Y6sJVrtNicae1kxUDm95GfQCl4DoUOTW7I2mmfhd_e2hpXOq2bSON5pZw9nTzp1m5GWuwehlo3IoFKr2MLls0r3x488vbhr-FtyQHX2tXRKWXnPolTgd5PtdnIc4QQR8PbLyKhl1vT5V47zZ8XUgkkIe_FWaY3ADJjmCCEAbSCnKdd_ivT80SedsskLuclDwy0fxVflh9sY44juwuNmN-OjVl0n2Uj4Qe8yYcfP_Q-sJxCykwwI9Rta6OlG9eQRhXHG4hJpHBQ9YE_7qxEYCbePyH14G1ydR_mW4C1XfpNMFuXSdKYwnglcZGdytbAxNUJSa6FV0xsQrcHg_VLaN80G2Xv6Ex78szVk2LQwD0uYlMGrC7mO7faY7gJiO9ecTxZTUBke0sfdIqOW1fioFef0IXSRiDuyWCmxPE11L9Ol6hBb1tQM4QQeELzseE_2CnZ6FShFkq9a6PN3TN1ObrTJGwV-RTj46EdXe7GY7Ghsm7W05xRf9ykBLIrPwdGW5Qojp9xFggCQ0lKHd5pgHSMf9Oqp7hu_KPFz4siQcrgak58bQJWSEGpjcihIG0-5-cHf8KDKI1pnLhUr6Ud_OUEn03Rl507NS8g_75dy-cmYk1

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7A 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNDJ8VKykYfjDMtvJgAeA9o74CgAAAAA4AeAEAg&bg=!wsGlwYXNAAZQLpa_UC47ACkAdvg8Wth0A2-VqzYXvWmpWWPlyYvixU9pRaTzHTJOI9sTBTbeNNgJNAIAAAESUgAAABloAQeZAulWjP6VPwq3wj9UwXI2gcdtVjvqD4515M8CJy72h2JqUtfKx5hCXQAQ9sE8sW1FuV9otGgL578wdsw4g_tTGhnA8fLbR6ViRzXs8a1y7ye2z1HU4aSpsjfK4oFM_bGe-qhiKLtZM7MhoEsz1d8gtSBeo1C24JP96Fxrj4lFqU8RQfCH7ReEkkUZSNRDR230D6UXEeNTPYd9jJg1tOYmHNZGVZJuB6WChK6MIudWlmq2SCRpRGsk5TmNQWgGK4BtPccBVdwqAOOEELDfEYSTN4ZpUvtRCW9tj6T3St_yf8AAZkAhBmH995Jd9YzuuvDVUOkvHw0e_rhbe0VKf_FNE9cU9b4-jgsqZnuRDknFD1xslUKqMPdy-kNFSib4YchMc6O-0N6OJ-ResViV81Hf98gXY6jxGvO4KKI7t17zSTlxcdA1Yq1yJVbByAnxr-N-ujiPtmYjjMpVYdHBYIN21XGV3XZ0xCP5M412qmIBuOf9bdB2iupa1UwTfrLcFzk6J9MhiNCHDZOwPS6n8P7zVkJNcOvBNGA_Y8NXJprZflBTEv-3Lap3ab3NFBBlORdDRj62V0hx6Qjnb3hyi1PbuvawG_J9XDx-7z3aohqncE9RP0zJkik08CpHCYbxBNZE6vzkIXyPlEOEHP9L-PLhpm8aKxK--lZLfobSAP5jHifHWN9VpWWBA2zZ97NsOhbwmEf6SVdjGnRRI7D1zWQ4e-66rHrUUsH_KwRfsRAbefXY64kTrFw_qsQy9aFpbbIkj53avc6KdtOlWYE5d5OKp3tKKCVTYtmtGO47Eh1kT-9R-QB2TQD1BMYXXq6S3uOgQV-iKyPiK6_aX4ZbrPPiVS0huDha423cKUnhVLS26y5sSXtq4tCsxfUeZ-ulSiWMVgl2N7_fG4eGZ3X6BVN6LQtgQvf4JypSZYFh_jzl71Ym3x6kA_J1QVMqgxZTlPkpmYk_xE0ut6VWeZRlBUduXnLexL46oTbywVKX

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08CC 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVlxGVKykYZvTOZOL7gOf1LCYBAAAAAA4AeAEAg&bg=!1Nel15PNAAZQLpa_UC47ACkAdvg8WkibSzJwlnCUYolb5Op3J8GHX8fWLU6X3rzZyG4aO9OATQVd_gIAAACQUgAAAAloAQeZAuCPFiro47dIoIF5W6JK0rp8HZHqjWOXec53jU1S5s1GQLNdIe3lGUxZBP8zNZjnC9aAt6jUzf_AlTb6IvUtf_LQYyXpSUuxvui3rocwil9hiubb_u29C-dyIQ8sgZTKLYRdxPIONQO4qx3vWpgAkNvJMrQDLUdDKal0OmWqHtItdax_R64cqg5k9Z7MGhrPlsaMWYmroaIuy04ap9TUkdkiA9RHpKCpQckX6Hvcj0goqBopKXlu9qVgJ_b5kutT9iuer78-rnFdIgjDgZkuVByJnXtZXqHPQJPEN9TTbJSDcp2FPbGAcyJreZ49dJIqbG0grLCrLMXV0YqfpqZbrrI0UnR937jDczXIGJBeRP-DReLyqBhYhcTSO7etY9A1dWhCt9vbB-wDSNVaWTtXm-hG4l6MEddkznp3o7D8XcSczV0aYD0uhFQdqqFMnRT3eNIV4oJL4dIqL31oIacuO8grAyKB-oJhGktmfqXia5SeviWCfuXpC31UAUx2wLok8a2O15z04jAcRZGBWwiV_yr2Lx7OVZZKeFClrWqh1-K0dvrUfiZ8wQiGuVmFxTY2A5_fo58kvhajR0ZKiNeIw_lJhqJ88t9sLcTnsztFzWwEP190xdco93jTM5n9t078pGYcdEezaq1W-ByoDXinT2VB63oyuIooHnYZRoKgEBMhXqZhyxw9_Hmia7IVSQXn8tljxDxfsxH6s7RHywMgVaybkasdORdf2sKybrSYrjkQq0zDKSxQJbhuUmMf2VDdvXMAcHr2TtQvucrGMh188flqaF2l_AUpbS3edZQFBw0j7XSZ3pCgDDiEi5BP1I64WTHMV09iGnHyswpsRI01gO4E2P-2qHIoTfumezefkZMVYowkqq3GIqG7MfBnvigqtI_vLODsxqSJPs5jScNdgqt4nqU7ja996fIPQa0FRi5cpCoqV3d09afOi4cvvhR8VwBd3n8L5hTd4AyrffVrzLT4

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2E2 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B8LDqVaykYcPLCYv2xgLr2brQDwAAAAA4AeAEAg&bg=!j4yljMjNAAZQLpa_UC47ACkAdvg8WkNPRbCKl7QyASJHYyRNPFXivZQg-VZiFFVjEr878QnRop_PkAIAAACLUgAAAAdoAQeZAtMFlX2lIcesL6Ai4-OtSLggp5-ho8HojR7o4Af6KJ8B_n0N4nSCNX-SUSK9c16LdWvaP4ATaOOeN8tZpTFW3IIC-2bn9lQnO6yXIXHFH5XKoqR22ZUwSHG4wwcKhdqOhhlMDy2dbGUnNLcV2ZkP10eN2T1GVcPp6zQlypUtNYKLa_69zW3Sl2g_2AscoraJASkaHFVrQlSKbNsNuRGDmdHsjmOLH1bqhB_Wen05FEZWa2WHQLrAPnVBrH01HLmPe9OTDFqlsXNJ_A52lQr3IhZ-SHM6sMc1C1XVAVH7aNrkG3TV7t3VGq9bplmPZ2FLuEq77OcLjaye2m6GEijc20llDMvgdbQPC2KkjzaGpQENn04mTVEd8KMd-Rfg-SBHqH9-7dO7gn4KDHozk6iEMxu1-He6AcFigEjUL4TBMhFwhCMZMoWKmZUnXI0bwynjsoX067oGh_YM66JshGnfCcii7BZ5kh6py7wEt5ZYTpMp9h0ag-XC7vWTeUWRotT_P12Yo8fFBW5ynm5mQWV30pMD31istTG7Q_ctgvvC9AeLgZsG2PZo59KHTx-MWsawI6mJZHkpvvx_anuRmkfudlM7jr2DlmWoKJ6gYjwxmMC-RjT50bSg_4v-QesQEO8aLIEKOuLGGO_RFu6j9SnYwsqAsFUSWhUydYpNi6FV7N7xTsZ5mSsaeKPloa3fpP893FJywLYTtyUIyMNG5EJQR1oBKPQuyoSutF3aLkgZuqq_EtRAIoEpMgeVlhBaJkgi3873pyaBATEz-VSwZZWVcteyOacwyqfQcZnCDW62H_n1FvVtaveJYEYzV7-ozdUeXrViL8NMkVNluDtaU1TtzlDhLhsHIu_-juzPDcGTkZySKFEsYGvhaUW-ab7K3vpD1CX93SDm7WW8ZCHxuuOe6fvzQW3UwtVQj1A0gTJ21_IznMTGRLF5iQdDZl0SzmTQjhVvMww

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid4.43.4-app-one-sov-val-sch-gdpr-ccpa.js Show response
cdn4-hbs.affinitymatrix.com/app/pbjs/ 195 KB
72 KB 196ms
196ms Script
application/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/prebid4.43.4-app-one-sov-val-sch-gdpr-ccpa.js
Requested by: Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/hvr_man_hellosehat.com/affhb.data.js.php?t=291010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b.bitgravity.com
Software: v/6.4.6/6.5.7/v61bom1-www /
Resource Hash: 60116d0a1efea37cefb4204af56617fd8fd99be9ce43cc050e76579a0f9480e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-version: 9
date: Thu, 25 Nov 2021 11:57:12 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 07:20:37 GMT
server: v/6.4.6/6.5.7/v61bom1-www
age: 622473
vary: Accept-Encoding
x-cache: HIT,v61bom1
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
x-tata-request-id: 418a1e9603ba06317454fdf5dda80bce, 418a1e9603ba06317454fdf5dda80bce
accept-ranges: bytes
content-length: 73067
expires: Tue, 29 Nov 2022 10:32:53 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 4148 7 KB
3 KB 57ms
26ms Script
text/javascript 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-b44d5a1e-9e02-4121-88ac-126fd673f41b
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: d92f09ae07452c9469060bc4cc3e7a96341dd8d6ff5d9e6fd47a8f049321adbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 12:05:25 GMT
content-encoding: gzip
server: nginx
age: 80848
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
content-length: 2411
x-amz-cf-id: 84adUAJrfdHJAc1TK1WhoqXl08UrZ1Hq9dKJPbXxB7Ql4GHiDMTjnA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 4148 38 KB
11 KB 40ms
9ms Script
text/javascript 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:05:04 GMT
content-encoding: gzip
server: nginx
age: 1669
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fCc0gr9TnuR0TgdRINP0pSyjd6BMeCTzqf6MDh4112cu6K8Wbviu0Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 4148 43 B
395 B 141ms
110ms Image
image/gif 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=a29d
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:53 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: a1QBkvXY7cwRfywS6a3w24zb168HtHct5MRY2YHoZGehJPKgANTvcA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
64 KB 69ms
45ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SW47D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b4b0e183cc890b5e7ca89ada7ccfa6f3de66a120a4e1aa151fc1a4755a2d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:53 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65207
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Nov 2021 10:32:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4148 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBCzfpbBpFUFcL4455Wft9qszPKDJR9MBrOyvSo1IrJqDTFw6zNcGUTIToIzl4DNiOq68Y_9xpElJ4ZQ9XVDqeUNnRA85_GD0OsA44LIcCG8P8WcwrKg&sai=AMfl-YSz6UeeAfsAbZqZo2dlfkvOIkEnFLPuWOaih2aVl2crpjqeYS0bEw9Vj-M0zgvohIQUrE9qclB4lDvfKdkw5rFwpf6zdo99qsGSFyo8Zhb6b2yJvAmvPu6Q3Y4YolM&sig=Cg0ArKJSzAiU2itq6v9UEAE&cid=CAASFeRonstSOF8bEuHEWtfqkHwGXI0dyQ&id=lidar2&mcvt=1000&p=1110,444,1200,1172&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3048852453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638181972645&rpt=311&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 49ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8KB5XVR4DX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SW47D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b8f1e95a6dc6d88e76418a7d1e328f414b84238a393116fcf0ade1dc375941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61774
x-xss-protection: 0
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 54ms
39ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C5ZXKTNHGQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SW47D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93ec0ffe529b698331e7dcdd3e53c88962f4d939f0733941375dca5ba456f587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61775
x-xss-protection: 0
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SW47D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5507
date: Mon, 29 Nov 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 29 Nov 2021 11:01:07 GMT

GET
H2 200 hotjar-2260245.js Show response
static.hotjar.com/c/ 5 KB
3 KB 62ms
42ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2260245.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SW47D&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

67c86383b39dd7ccc5d5cd5f9409c6929e2a9a47f5b7fb811fbfff49c64e51f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/b5ddecd3a37e7e6891bcf3f336529c58
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: F_-Fx92bZgamLnVx95ExmDXYISdS9aZrkFz96zC-2x5Zhg59THk7SQ==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: y3xa7A/ajlSudrKOQT8uWkIEK2uxPKxJdmj1UzZpS76LUDWBhZqzUdmGY/hociVtRXrLggrVxvTcASBZr09k9g==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 29 Nov 2021 10:32:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ins.js Show response
hellosehat.api.useinsider.com/ 330 KB
81 KB 68ms
66ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hellosehat.api.useinsider.com/ins.js?id=10003799
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SW47D&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66438fdc72f60fb08fad25906cf0cda6bfeeb1a7bf5a79f729b638b52abc1f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 3451
x-amz-request-id: YWVKXQ08SK139CQS
x-amz-id-2: I7XFOiWly9VUFjK1RWh91PN58pi4n1n8AEkHktWNAeKjxsS9roV2ZNqa5+k4LeYB/bqadAx/at8=
last-modified: Fri, 19 Nov 2021 09:59:56 GMT
server: cloudflare
etag: W/"008f88d13ea2d22b2da98135f7938c67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-version-id: 7HaVsMyTJASs5boOyoRwCpw.zV4JcAFa
cf-ray: 6b5b2cb9cb0ad60c-MXP
expires: Mon, 29 Nov 2021 10:37:54 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23452237&ns__t=1638181974032&ns_c=UTF-8&c8=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&c7=https%3A%2F%2Fhellosehat.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=23452237&ns__t=1638181974032&ns_c=UTF-8&c8=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&c7=https%3A%2F%2Fhellosehat.com%2F...

0
222 B

10ms
9ms

Image
text/plain

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23452237&ns__t=1638181974032&ns_c=UTF-8&c8=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&c7=https%3A%2F%2Fhellosehat.com%2F&c9=
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: xlUtcPXSrkrD6cAd02ODBEUc6Aitb-_17mvHoNQ_RA1H3bI-u6Z_Vg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 29 Nov 2021 10:32:54 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=23452237&ns__t=1638181974032&ns_c=UTF-8&c8=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&c7=https%3A%2F%2Fhellosehat.com%2F&c9=
content-length: 223
x-amz-cf-id: HVmYNUkNiOZwtHHtNaA9PBrC0DzO7FdB7CiZC9dheTmZXhcfbVfuzA==

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 802B 7 KB
3 KB 10ms
9ms Script
text/javascript 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-b44d5a1e-9e02-4121-88ac-126fd673f41b
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: d92f09ae07452c9469060bc4cc3e7a96341dd8d6ff5d9e6fd47a8f049321adbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 12:05:25 GMT
content-encoding: gzip
server: nginx
age: 80849
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
content-length: 2411
x-amz-cf-id: okTKEHOefKo8V_Z3-Zo07CGY0ax7Oewj6b0T3qxkDwXvO9MS8BB76Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 802B 38 KB
11 KB 11ms
10ms Script
text/javascript 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:05:04 GMT
content-encoding: gzip
server: nginx
age: 1670
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zI3jUEcDSu9s60UVANTMLYh7Yl9gLPQLEWg3PwRcQpQ02A9qB217ig==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 802B 43 B
396 B 102ms
101ms Image
image/gif 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=7824
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: cK6Rp0AVmYk_yLudpYDVZF82MArnmNzmgEjbF6_vnZHTALwbjVxZlQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=334316715&t=pageview&_s=1&dl=https%3A%2F%2Fhellosehat.com%2F&ul=en-us&de=UTF-8&dt=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1909089075&gjid=2007697066&cid=1412350123.1638181972&tid=UA-73904951-1&_gid=1508740909.1638181974&_r=1&gtm=2wgba15SW47D&cd4=WEB&cd5=Home&cd6=id-ID&cd1=1412350123.1638181972&z=109754464

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
8ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=334316715&t=event&ni=1&_s=1&dl=https%3A%2F%2Fhellosehat.com%2F&ul=en-us&de=UTF-8&dt=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Header%20Banner&ea=Impression&el=https%3A%2F%2Fhellosehat.com%2Fcommunity%2Fon-boarding%2F%3FreturnUrl%3D%2Fcovid-19%26source%3Dcommunities%2F&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=1412350123.1638181972&tid=UA-73904951-1&_gid=1508740909.1638181974&gtm=2wgba15SW47D&cd4=WEB&cd5=Home&cd6=id-ID&cd1=1412350123.1638181972&z=51237994

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Nov 2021 14:02:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73850
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 745651395810475 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/745651395810475?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61152a6120b79c6d6a25f37d1cdb09fa0005675fe8789317b7b0be40f310a1da

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89998
x-xss-protection: 0
pragma: public
x-fb-debug: l3EGk1ERhrWecJOkK5CRXYks+CmGd5Wc47UOufd01ajGhr+kuH/zVuprSzxGJT9yTe+vwkRrDAlx90xpcPMUvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 29 Nov 2021 10:32:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 802B 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu45lfrP9JPXKwTKsvY7HSswdBRddiIYcjeoBlgK6bj9Ri2UpDNslPmcU48Nnw7vNkUFFF5vMAKB3VFQsMil9-SFsbrfkEbn7jSRRLUQ3aOU4qjpFhTow&sai=AMfl-YQcovxsi5U1W0R7P_B-04QKeO0d4mkusLCAT_Kls213jjUUeV3c1SgnGxpBS0aKk5hCGjBNUfUG9HPSoxOuS8GPd2FFCA8a8qzZwM7NEfCa1GIE4pTQUXKDXkeF&sig=Cg0ArKJSzPEejVgDVw0AEAE&cid=CAASEuRoSKYQdZzFPLY6duVLDbu8bw&id=lidar2&mcvt=1007&p=1006,436,1096,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1352671502&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638181972764&rpt=325&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
346 B 133ms
15ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8KB5XVR4DX&gtm=2oeba1&_p=334316715&sr=1600x1200&_gaz=1&ul=en-us&cid=1412350123.1638181972&_s=1&dl=https%3A%2F%2Fhellosehat.com%2F&dt=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&sid=1638181974&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8KB5XVR4DX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 138ms
21ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8KB5XVR4DX&cid=1412350123.1638181972&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8KB5XVR4DX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 143ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8KB5XVR4DX&cid=1412350123.1638181972&gtm=2oeba1&aip=1&z=1285254513

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 119ms
16ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C5ZXKTNHGQ&gtm=2oeba1&_p=334316715&sr=1600x1200&_gaz=1&ul=en-us&cid=1412350123.1638181972&_s=1&dl=https%3A%2F%2Fhellosehat.com%2F&dt=Hello%20Sehat%20%7C%20Pusat%20Informasi%20Kesehatan%20Terverifikasi%20Medis&sid=1638181974&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5ZXKTNHGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 124ms
21ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C5ZXKTNHGQ&cid=1412350123.1638181972&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C5ZXKTNHGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 129ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C5ZXKTNHGQ&cid=1412350123.1638181972&gtm=2oeba1&aip=1&z=349577597

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 108ms
11ms Script
application/javascript 143.204.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2260245.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-45.fra50.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 511548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: o1_wenZYbPauEsQDnv8X3B9NlAj-IMfqc3HKGbNk1EhvaF80ztQ34w==

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame A864 2 KB
1 KB 33ms
8ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2260245.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fDX4GWCAXvWGmtNVjqIU8IKlz8bA800jKhQcuk69ne1Zs9UkNbARpA==
age: 1120608

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 27ms
20ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73904951-1&cid=1412350123.1638181972&jid=1909089075&gjid=2007697066&_gid=1508740909.1638181974&_u=YAhAAEAAAAAAAC~&z=1437036199

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 29 Nov 2021 10:32:54 GMT
content-type: text/plain
access-control-allow-origin: https://hellosehat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 798770030726728 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/798770030726728?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8e56a6de93c8aae0e8a37d1e47d95ec3d4093c62e6a9f409b7bd3668dc25aa5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89917
x-xss-protection: 0
pragma: public
x-fb-debug: Qw3vP3Ky9uD9lnIPPhCgLm7RJzfgWfXnjCn6CnHClxVciteFJ4iKHQcn1pVnRU8MQ+oRn5aB2NXjwh0ctD59fA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 29 Nov 2021 10:32:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 27ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=745651395810475&ev=PageView&dl=https%3A%2F%2Fhellosehat.com%2F&rl=&if=false&ts=1638181974256&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638181974255.221719181&it=1638181974101&coo=false&rqm=GET

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 33ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73904951-1&cid=1412350123.1638181972&jid=1909089075&_u=YAhAAEAAAAAAAC~&z=627276047

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73904951-1&cid=1412350123.1638181972&jid=1909089075&_u=YAhAAEAAAAAAAC~&z=627276047

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=798770030726728&ev=PageView&dl=https%3A%2F%2Fhellosehat.com%2F&rl=&if=false&ts=1638181974307&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638181974255.221719181&it=1638181974101&coo=false&rqm=GET

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 19ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=745651395810475&ev=Lead&dl=https%3A%2F%2Fhellosehat.com%2F&rl=&if=false&ts=1638181974308&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638181974255.221719181&it=1638181974101&coo=false&rqm=GET

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=798770030726728&ev=Lead&dl=https%3A%2F%2Fhellosehat.com%2F&rl=&if=false&ts=1638181974309&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638181974255.221719181&it=1638181974101&coo=false&rqm=GET

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H2 204 2260245 Show response
vc.hotjar.io/sessions/ 0
257 B 88ms
57ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2260245?s=0.25&r=0.15609765030816236
Requested by: Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: s9XL6t9UOLdZ0V5sWwAsT9KnwDih1vsmhuOMpvzIrZmgs9Xx7xPYaw==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e822fa3f521b23835ef5cdadbe0efa44097a1858d78011239b698fc735dbea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9219
x-xss-protection: 0

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/23452237/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

8ms
7ms

Script
application/javascript

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:16:14 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1000
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: zaNlSnBamdZgswiRQzfWL4o8etQM-R2ywUrzBbSmQ62Z-1Fj3-YZ6g==

Redirect headers

date: Mon, 29 Nov 2021 10:32:54 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: ATUhpvEviP9jBPw0WwfQLS4MYwLT4HnJOhN4Jn5SZnKnXarGqQEsJg==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B744 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 29 Nov 2021 09:13:48 GMT
expires: Tue, 29 Nov 2022 09:13:48 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FA9 783 B
536 B 17ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f88454f390cf5e441b0e39aaaf048f21267d1b5a6d8cbf8517c6afd48bd01d05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2u8NDJc1YlQKRDTcw4O/EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 29 Nov 2021 10:32:54 GMT
date: Mon, 29 Nov 2021 10:32:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2u8NDJc1YlQKRDTcw4O/EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame B744 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 16:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Nov 2022 16:13:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FA9 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=4469147238393038&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=4469147238393038&bg=!qaqlqu7NAAZQLpa_UC47ACkAdvg8Wmyh5PN5eRD-4lPl-DHyaoK1wpQTN2WzxOT09uDNDZySdMg-0AIAAABQUgAAAAdoAQcKAF0ipnHSXgKOTuy2yP2pyXVBYmEkuGJ447eexyjCIUxU43SMq-GrBCQWGm9sdRpWUEpOyNJMv3vl7Zs_P2lwJ5qdOJUY8itcsXLdiijZBBS9fZsEZKUGwVaQivhaw52ZAnHUpprfXavDB5k9LDz-rBmJy36PYgnn4VdgV0RFLoll6oR2dIao_-mwUkvkXqd8ZpLHfjS3WHXrYAMyk_Uya5rsXGlc_mbD8q5dGXRBpV-sdVS21tVQa61xO6HfInqbHU-1r7Hg4mUP771LrACwVPbY4EPlLuIMEcyxRa7tJW8NGJb9G3omKNp4MUOQwCUbkVR1aXyJlLDxEpBrQXVIpKJ0P5mkMKsAcdaG6TIH-RecWwru5Oda5oyqniOvM_ECd77GXLd7pmviSVrEfe11ZyOVizx3Zylp0E7HF4RL6na0dqhwTMEsDw7Q7CAX81bODw00dYAp9B3tCk1GCaecT8VmZqjXLsb2YnsmHQwlVBW93VEuB3OA0_tvoMuXQ4MFhKqsvKJxgloNe9qItFdQK28OAo1qU3MTRrhXMXbMyTzRD6IiQxl4GPzYKUrTsPy2CQkcmU3rY65jff4BVR-fqREkG0XAcwNX3nthGx5joQOfBCO7BQBCiwbdJcmeHBiMsU627tgIvGJOdUmSs11oJSo-XxHqVmeCvpyc_yAXpW0D5j11UE85Puo8zgOobmneHVcXcSjnGAnpJEF4P_j1oOCtS61Lpih5cFz3Ar0zvICALRFHdvi_x_DxoST6iEl20dhfjsIowkOaVIX3MW6wurk-rBsKxG9KcqLLPnbm_cEnnHAcGDvZYKuqCYECiopfTHixMXj4JDVYTNn-jZ41KGs--5nwExXKAuaRLkgyBYPtBpWlygDDdiMWgXn0qfqFQ1F77Q67UzxHqLE3E39MzMOYjp4sPc2-YP49izeQCW3vfM4u7X_vrfuSwEP8D8KT4_4W

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
92 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: lead.hellohealthgroup.com
URL: https://lead.hellohealthgroup.com/admin/popup-discover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:00:22 GMT
x-content-type-options: nosniff
age: 430352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93868
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 11:00:22 GMT

GET
H2 200 popup.css
lead.hellohealthgroup.com/admin/ 11 KB
3 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:5dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lead.hellohealthgroup.com/admin/popup.css

Requested by

Host: lead.hellohealthgroup.com
URL: https://lead.hellohealthgroup.com/admin/popup-discover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9cb1f794116c44f5d906c6618a3e964123c993541b489ece2e12e488e866ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1354
cf-polished: origSize=13123
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 24 Nov 2021 10:50:34 GMT
server: cloudflare
etag: W/"619e18fa-3343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyGpj8U%2BrfMNyBidO0F%2BBPMiq5LuOa9NMrQoXZlvxRRLugZKQdLXmVn6x9X8MDIr1Vm3zwgE4qFwejGMNa3gQHX6EjC42OeXxqXLkChNeX1V7yLFrUbW8XqjOYTmOJWV3IvhkLUUk7suKCHtQWytg8dUg59LKPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 6b5b2cbd3f5b2bce-FRA
access-control-allow-headers: Accept,Content-Type,Referer,sec-ch-ua,sec-ch-ua-mobile,User-Agent,X-XSRF-TOKEN,x-xsrf-token,Authorization
cf-bgj: minify

GET
H2 200 newbuilder.css
lead.hellohealthgroup.com/admin/ 7 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:5dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lead.hellohealthgroup.com/admin/newbuilder.css

Requested by

Host: lead.hellohealthgroup.com
URL: https://lead.hellohealthgroup.com/admin/popup-discover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6edc282fff929ae3990dfa1d0d1260cda84914d30b9308bcfa09c45ccc4f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1354
cf-polished: origSize=8631
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Wed, 24 Nov 2021 10:50:34 GMT
server: cloudflare
etag: W/"619e18fa-21b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUnQe4KPytBFEaqoHbQJEBGecyb2mhqvFyxnBxhy8fMdXFzB3IwIyKQ7%2F0iRQssu1RX2YGQdKTd4uDXvEuDXDadrMkJRQ1htSA5KEpS%2FW38WUYWDV4SrJfePWo3ZOGWKg2tEfVsjZv5qqwUdQhAlDeZG2HEOss4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 6b5b2cbd3f5e2bce-FRA
access-control-allow-headers: Accept,Content-Type,Referer,sec-ch-ua,sec-ch-ua-mobile,User-Agent,X-XSRF-TOKEN,x-xsrf-token,Authorization
cf-bgj: minify

GET
H2 200 lodash.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.15/ 72 KB
22 KB 45ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.17.15/lodash.min.js?_=1638181974595

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 576344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21762
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-11e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xdoncm2VJl%2FuUycexLJYjxJPe15y4rM5NUHFuOr9XQB1Ge44hHSPIJsdu%2BLSD4ydwLmGxDLJxaKCN6%2FUtngfWceaSqDk47UHhuPZFZidzSIO9dFi5yittNKTYWCeHeBHQ9zjGpZ%2BJahavUqFbqvMWVZ2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd69ab7022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/ 14 KB
4 KB 52ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.2/axios.min.js?_=1638181974596

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 574280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4253
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-36a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeR%2B6Sv5ftlvb0slz97g3%2FwhK4UhVnvdJPICSLQIbIFvy68a8lOOfpbe4DcYkWAD9HsUcRkUxZ7OtKt49isg6yhQ7RB%2F9BeC3mfBVryCSWxbbmV2oOOzwC2Ul%2FtLVuXkjcUMnYc3jWXdVKxszockFfnk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd69b07022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 2 KB
1 KB 59ms
34ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js?_=1638181974596

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1784812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 701
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FTx%2Fzn8KxrkGUoeRWsH3HJYpr4tP7r3VcubWanLNjKEy6msJ9hD4OQp0XvpPDSp1mYB%2Be6OvG0q%2FYcA55NcDWuhZWEHhXGW9aXV3gDJHHOv4%2FZKCgr0E9HYDqg2py5nHRbNt%2F6PgF2g5vGH3amBRwit"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd69b77022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.21/ 15 KB
6 KB 51ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.21/ua-parser.min.js?_=1638181974596

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592c5c6a923544e013714f059bf8f77dd9a78e86a5dd16364dd0fd34af987b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1511718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5527
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-3a23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0gy48h6EIuvU0OMceSmxi1y8v3tH5aqVi9SZSfzbe1N2Ea40z7uiiZO51FGp%2BmdZvVMB%2BO2lMBRViOg3zhGqSU3rwCwE1axPZIkd2HuVaNUZMKZ88OOjroXmNmcdAFbKJMbeTukRTT4c2ggW0BiLQxe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd69bd7022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?_=1638181974597

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 10:32:54 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/ 21 KB
6 KB 59ms
35ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.11.1/jquery.validate.min.js?_=1638181974597

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 579702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5650
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-524c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jOJWh4VMiZzE3yXY4oCm7sq7yx6g6%2BxSnekwE8QCCuJACKKMXYwWs8XbLo%2Boiq%2FVlWwTrAqQ6DFnwxwAMYXvDovOVRlsiPnbKKYtrgcKu%2Bmt7T4wgWgvGJYHaw4HbzgebUX8yMBPPJy74%2BC7S9Pw0ie"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd69bb7022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

GET
H2 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/ 237 KB
44 KB 53ms
29ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/utils.min.js?_=1638181974597

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

131539367ea5a0be2178b8a4c3bf43737b149c368ea60d0aa31f0d2565debde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 574592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44244
timing-allow-origin: *
last-modified: Sat, 30 May 2020 13:48:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed26416-3b4b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvrGWN4RaEJYDFIpGoYujJIWr559ypPWXNJ%2FwppY7z2PB4oKbXtoB8QpbWetZINjVqJUufoSt0Y5wqo%2FDXW6e0VmE7yijcnDqp9e22K1GevjsvMiZDwt1r5bUnSXWlXrzOCqf5pXx1vdmU8%2BHMUeIsaK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd69be7022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

GET
H2 200 uuidv1.min.js Show response
cdnjs.cloudflare.com/ajax/libs/uuid/8.3.2/ 2 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/uuid/8.3.2/uuidv1.min.js?_=1638181974597

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9963a427c7b05e1ea3c923cfed992cfea294e980e42d754ba593cec66d285a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1006205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 898
timing-allow-origin: *
last-modified: Mon, 21 Dec 2020 09:31:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fe06b73-7e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3%2F%2BKpbUprrjScoG17M3NUnC8qIw2jbEICUglhU82HAdBjdSLWgcqAC3XeftuMjcZd31w8wwTTOgL2VM4fnRa8K9rYpdr98uDFa6WUBOsxapSuXNdNKF1JTmeCmg1hcAThxrwtR4nD%2FGwQFrCazFd0Sq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b5b2cbd79d97022-FRA
expires: Sat, 19 Nov 2022 10:32:54 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 744E 0
17 B 197ms
101ms Ping
image/gif 2607:f8b0:4004:836::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kwkj908z&c=2114026669966&slotId=1057013334983&qqid=CO7HuLSvvfQCFckt4Aodcy0Jmg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=677&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vmfc=16&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:836::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Nov 2021 10:32:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 10 KB
746 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?_=1638181974597

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 10:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Nov 2021 10:32:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Nov 2021 10:32:54 GMT

GET
H2 200 lang-id.js Show response
lead.hellohealthgroup.com/admin/ 391 B
541 B 847ms
847ms Script
application/javascript 2606:4700:20::681a:5dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lead.hellohealthgroup.com/admin/lang-id.js?_=1638181974680

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc5913d2f5dd128d84f38807a430bc16a8d5dda297c39b302f0c49342de0a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 10:32:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
last-modified: Wed, 24 Nov 2021 10:50:34 GMT
server: cloudflare
etag: W/"619e18fa-187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4tQuSu2bIkyQxUgAHgO1tRhK374y9GURarADX8qle0M52rvNSXpDksraWRT0Gmq4bjtBmM8XCUVSOOWRc9pCJIkxptWoiBme1LJcsoTIN8oRLXw36DXucqTbVxHkvHFAxYPhxnEJiV28FqyRU47DwqcqcWPhF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 6b5b2cbdc8642bce-FRA
access-control-allow-headers: Accept,Content-Type,Referer,sec-ch-ua,sec-ch-ua-mobile,User-Agent,X-XSRF-TOKEN,x-xsrf-token,Authorization

POST
H2 200 2 Show response
lead.hellohealthgroup.com/api/campaign/ 90 KB
8 KB 781ms
780ms XHR
application/json 2606:4700:20::681a:5dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lead.hellohealthgroup.com/api/campaign/2

Requested by

Host: hellosehat.com
URL: https://hellosehat.com/_next/static/chunks/6022-058764decbdc81faa076.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d02c8cfe2d22eceb22d3a62d4e466afe9e8a57ea3a941a79d1301ad59aa9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://hellosehat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 29 Nov 2021 10:32:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
content-type: application/json
access-control-allow-origin: https://hellosehat.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dt5U3FbJuRL6TYY6E%2FBEwFE4IMZOc8YWBSfSVvEjGC4Eq%2B3jcBlH1EWJlkX5CHaQlGscERkCGTaxPiAu73dn9J16%2FMBqfvaxdb2OB1K8Lf2asvBrBu3fmmFBYHXnQPFzC6eZW754X6FSKHLioBgjcCbr7rMAaM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
cf-ray: 6b5b2cc2ed0e3749-MXP
access-control-allow-headers: Accept,Content-Type,Referer,sec-ch-ua,sec-ch-ua-mobile,User-Agent,X-XSRF-TOKEN,x-xsrf-token,Authorization

OPTIONS
H2 200 2
lead.hellohealthgroup.com/api/campaign/ Frame 0
0 814ms
771ms Preflight 2606:4700:20::681a:5dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lead.hellohealthgroup.com/api/campaign/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5dc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hellosehat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 29 Nov 2021 10:32:55 GMT
content-length: 0
access-control-allow-headers: Accept,Content-Type,Referer,sec-ch-ua,sec-ch-ua-mobile,User-Agent,X-XSRF-TOKEN,x-xsrf-token,Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin: https://hellosehat.com
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v61IW12YiDsDLefTaF9%2BvaYmc8X6hVO3M4MRvHMh5bpAD%2FTUT2x0I3B3XyW6qAGYKlTGrYXYHo84TY7jWzXO%2B%2FoIzQts6gq848Hmjv5%2BYTZQC0QAbWAf2u9q3T49YXZD9QOQwej635kNr%2BuwFzywNs8K05v%2Br1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b5b2cbe189f3749-MXP

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellosehat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 247252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellosehat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 247252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellosehat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 247252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 33ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellosehat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 247252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E897 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://hellosehat.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://hellosehat.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 29 Nov 2021 10:32:54 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EB49 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://hellosehat.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hellosehat.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://hellosehat.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 29 Nov 2021 10:32:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 03:26:33	Name: NID Value: 511=O3Qd5uDaHGWnbAScNPG2VVqpRnBjKBmpxPQHM4Q3QOcp_0c7Q4TjS_JatTazkcVG4FNe-DGGbEBBmAWPuyVk8RyLicay1_7GtB-mJ_ds14QoUADMjX5Xh9nrc9YBegM8B4TZeKaGdMo68Wr9jbdYPFjbCan2FnecE7zB4uZz9GY
hellosehat.com/	1969-12-31 23:59:59	Name: hhg-id Value: fcecf7e7-445e-4cbd-bce6-a8d6cc29e455
.hellosehat.api.useinsider.com/	1970-01-19 23:04:28	Name: insdrPushCookieStatus Value: true
.doubleclick.net/	1970-01-20 08:24:37	Name: IDE Value: AHWqTUnM88eqXN49WDurTR_mPB3uJmw1xCKlqERS1NdCixdzIXHhd6X4BemAgbPjhQA
.hellosehat.api.useinsider.com/	1970-01-19 23:04:28	Name: push-request-sent Value: true
.hellosehat.api.useinsider.com/	1970-01-20 07:41:25	Name: native-permission-impression Value: true
hellosehat.com/	1969-12-31 23:59:59	Name: pbjs_debug Value: null
.adnxs.com/	1970-01-20 01:12:37	Name: uuid2 Value: 6471132998754452829
.casalemedia.com/	1970-01-20 07:48:37	Name: CMID Value: YaSsVEjljdCWLYe8LLUrFgAA
.casalemedia.com/	1970-01-20 01:12:37	Name: CMPS Value: 5205
.hellosehat.com/	1970-01-20 08:24:37	Name: __gads Value: ID=91fd57c30ffafcb6-224cd01e13cc0050:T=1638181972:S=ALNI_MZkBw4ppCDuF4OJro6FAjAsobfM2w
.adnxs.com/	1970-01-20 01:12:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTto6m)r!]tbPl1M>e)ZlrFUfJ+tGXvX+F4=.jQ.dq:Aj@37HK[f9U]CT3_K?dITFys0bpRzqF1`*b^Eg)shTj
.casalemedia.com/	1970-01-20 01:12:37	Name: CMPRO Value: 1141
.casalemedia.com/	1970-01-20 07:48:37	Name: CMRUM3 Value: 2d61a4ac552760CAESEDGxAErpTVIQ__Vuug_nc5g
.casalemedia.com/	1970-01-19 23:04:28	Name: CMST Value: YaSsVGGkrFUA
.yahoo.com/	1970-01-20 07:48:59	Name: A3 Value: d=AQABBFWspGECEFcr1eipneUHU9ZM1xVVQugFEgEBAQH9pWGuYQAAAAAA_eMAAA&S=AQAAAvZAuoJzUBraNktvnVZ3otQ
.quantserve.com/	1970-01-20 01:12:37	Name: d Value: EFcBCQHrJIEA
.quantserve.com/	1970-01-20 08:33:16	Name: mc Value: 61a4ac55-4aaef-d0e66-256c9
.adfarm1.adition.com/	1970-01-20 01:12:37	Name: UserID1 Value: 7035937998938568858
.blismedia.com/	1970-01-20 07:48:41	Name: b Value: 61A4AC5568D5E08824D5E786BLIS
.m6r.eu/	1970-01-19 23:03:05	Name: test Value: true
.analytics.yahoo.com/	1970-01-20 07:50:04	Name: IDSYNC Value: 18yx~21sy
.360yield.com/	1970-01-20 01:12:37	Name: tuuid Value: acb04d9d-55db-45e8-b0c1-a20e7be40ff9
.360yield.com/	1970-01-20 01:12:37	Name: tuuid_lu Value: 1638181973
.m6r.eu/	1970-01-20 01:12:37	Name: cct Value: 1638181973429
.m6r.eu/	1970-01-20 01:12:37	Name: id Value: b10d44ff1eeb818e21c32af63520dbdd
.scorecardresearch.com/	1970-01-20 16:19:49	Name: UID Value: 1HVMYNUKNIOZWTHHTNAA9Pg1638181974
.hellosehat.com/	1970-01-19 23:04:28	Name: _gid Value: GA1.2.1508740909.1638181974
.hellosehat.com/	1970-01-19 23:03:02	Name: _gat_UA-73904951-1 Value: 1
.hellosehat.com/	1970-01-20 16:34:13	Name: _ga_8KB5XVR4DX Value: GS1.1.1638181974.1.0.1638181974.60
.hellosehat.com/	1970-01-20 16:34:13	Name: _ga Value: GA1.1.1412350123.1638181972
.hellosehat.com/	1970-01-20 16:34:13	Name: _ga_C5ZXKTNHGQ Value: GS1.1.1638181974.1.0.1638181974.60
.hellosehat.com/	1970-01-20 01:12:37	Name: _fbp Value: fb.1.1638181974255.221719181
.facebook.com/	1970-01-20 01:12:37	Name: fr Value: 0dh3TMNKFC2SuTrlM..BhpKxW...1.0.BhpKxW.
.hellosehat.com/	1970-01-20 07:48:37	Name: _hjSessionUser_2260245 Value: eyJpZCI6IjA2ODNiOWZiLWQ5MzktNTlhYi1iNWZiLWNiNmMzNmI2NDJlNyIsImNyZWF0ZWQiOjE2MzgxODE5NzQyNzgsImV4aXN0aW5nIjpmYWxzZX0=
.hellosehat.com/	1970-01-19 23:03:03	Name: _hjFirstSeen Value: 1
.hellosehat.com/	1970-01-19 23:03:03	Name: _hjSession_2260245 Value: eyJpZCI6ImMyMzI0ZGUyLTM5YWMtNGQ4ZS04MGFmLWIyMWVhNDBmMWM3NCIsImNyZWF0ZWQiOjE2MzgxODE5NzQzMTh9
hellosehat.com/	1970-01-19 23:03:02	Name: _hjIncludedInSessionSample Value: 0
.hellosehat.com/	1970-01-19 23:03:03	Name: _hjAbsoluteSessionInProgress Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://hellosehat.com/(Line 820) Message: Error: <svg> attribute viewBox: Expected number, "0 0 121px 32px".
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rLBNnVXbReiwwaIOe-QP-Q&google_push=AYg5qPIj5Q-mr0fsR0WUbft0ZQztxjoBzD8hGcH25cH-w74TBtp6HJmu_ZYJT7xDcwA4ov-tfe6heRhTV8fY6Z3ofRD2mcLCbIQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33583e3e77e0937ef3e7e74e440dcc53.safeframe.googlesyndication.com
8127d3cebf383b6d8af06766b8bb3453.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.google.com
assets.api.useinsider.com
bid.g.doubleclick.net
cdn-together.hellosehat.com
cdn.hellosehat.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d6226fedf7ae23b6b4672512f9e611f6.safeframe.googlesyndication.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eitri.api.useinsider.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbs.ph.affinity.com
hellosehat.api.useinsider.com
hellosehat.com
hit.api.useinsider.com
ib.adnxs.com
imasdk.googleapis.com
jb-on-site.api.useinsider.com
lead.hellohealthgroup.com
location.api.useinsider.com
log.api.useinsider.com
pagead2.googlesyndication.com
r1---sn-4g5lznle.c.2mdn.net
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
ssbsync.smartadserver.com
static.hotjar.com
stats.g.doubleclick.net
subot.hellosehat.com
sync.teads.tv
together.hellobacsi.com
tpc.googlesyndication.com
tr.blismedia.com
tracking.m6r.eu
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
wp.hellosehat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
104.111.242.245
142.250.185.194
142.250.186.98
143.204.98.104
143.204.98.117
143.204.98.28
143.204.98.32
143.204.98.45
143.204.98.62
143.204.98.82
143.204.98.87
185.33.220.242
185.86.139.93
2.18.234.21
216.139.248.131
216.58.212.130
2606:4700:20::681a:17b
2606:4700:20::681a:5dc
2606:4700:3108::ac42:28f1
2606:4700::6810:135e
2606:4700::6811:a872
2606:4700::6811:aa72
2607:f8b0:4004:836::2003
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:1d::6
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200d
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
34.96.105.8
34.98.64.218
64.185.181.238
64.233.167.156
72.251.244.142
85.114.159.93
0096a1a01c30e912021671b35fe7b3536ff6028ff0c943bfcfa62b46515e424d
0188f169f74bac198ce911d9c9f52a6162fb18e9e40dc4b2aa95767a135f8b8d
01caed562ebc86751778ba3331331dcbb1d7e2e330c2a7b62c08f459984cfe9f
02fbfeea44d9f030db4a0ccea2ed1bab27a11d04f495874bd10be9c83d919113
03d01210ab20bd2a0617aa0f7090f815e10d238258c72188161042784bd9f60f
043a7073a89a2f00029f1355bed703a3bf91b369a84f70e18d2b81fb61450ced
05b35c239de0094fdaa49335791909b5dea9cb64357d868e990602ad1e2e8262
09045c1659ddb6a9c248500d401b4ae52dfece587810404b02e39e35ddb5abe9
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0a9cb1f794116c44f5d906c6618a3e964123c993541b489ece2e12e488e866ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc5913d2f5dd128d84f38807a430bc16a8d5dda297c39b302f0c49342de0a3b
0c5fb43ced5486daab63abc79176d3884bc3674166630268f48158799d1b4dbc
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f9f81fb8cf2c9f8aef75e8b93d3b2880d840af89422704ba8846a5b361eab12
106bc8eec675a8f12658a8871e75f74256b505d9ae284b7ea6a6b04b863b7c66
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d14340e0f6d32722c7a3b9b770ae935a25f87cb6eafaa8b68dd83f6dbc58e2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12974e25b8e79af88aa9541d770030a049486a7a17b8a61ba700a0fe388baa01
12e17bf8136cefd5b874c58dfed2a11161216aee1eba2c0e098852bf44a5e83c
130ae97f1b15a9013b4cdac8ad485d904ddab1c28a34852c9f9535131d0d0f62
131539367ea5a0be2178b8a4c3bf43737b149c368ea60d0aa31f0d2565debde4
133282c228f76fca0d87bab178b18f3ddd3786f7c8ae19f1f2d111b9e8f58631
13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac
13f7757eafe2d6e6beb5f150eb1d99d63cbe47a7ea52c313cb7af842fbc2c8fd
14ac160c9d66dcf424c5081e906f9860b52a432e980feb72c319119608db7145
150d8d67ab97846b17ef2f26dcb70b13db87f8442e90c57f0adccd506900bc38
157761984925456338d2644f18a9054fa362e6fc00d9ff707a9107ccdd70deaa
167cde9760d71d5cafef8f9993be0b94a42542c0e704d42da8e8a9c1445aeb7f
16d02c8cfe2d22eceb22d3a62d4e466afe9e8a57ea3a941a79d1301ad59aa9f6
175f9ec4b0bac6de87bc3772384dddecca3d4260b8800e30dc32372cb75f8afb
18704e6392962f33591db3d201b3f4ee70a07488fb319d44d3b2c25e98a4dd78
195929c285c47fdcabb76bf8f0ff1ca459675b500e8ce2a2a0146f8cf2edbb0e
195b66d70c7ecdc6cc7bdb80b5d20362266269f2034ad3cf8f84fad9eb916dad
1bd5fa1ea23b52949a183aed658634af68c40ab68c32faa297eb206bd1586ad9
1ddb25c60ecb22faf48b34ed1712d093239d3e6c6545fc58ff2a3270c5335610
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ea599f271342e8e16103ed432e0610dac29ff608ecee01ba8a5c9704fdc9d67
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21b4b15a31a6243edfdfa2645d7796f44af2a8b0922f99cecc73b418a664e0b6
229f53b3aad663265100ce09043b93446b42d852a9e1af1fce1bef88dfe0a43e
22b438000f5239d2ec139fe079ef7d0de1d1ce30b2c55585414a19830fce2bdd
234936430f437c85cb51acd4fd9de42ec07f69c28d7534ef5b3a9b8694c6385e
237f9cd58dc7a9ca94941e61330960c620e6b39577fcb5043706aa24fd4108dc
2545d39df83ef1c13400d20da3f5605937ad772d8e5132e36cedbc4c764821e8
25ea783c366f5025d20945611168e63171fb00870c0200a1b6ba20612feb3fd3
2621811a66be17628025ecf7b4ee1f2320d3eb3ace7458a201f7590faaddd2d9
26badbcc2570b13481eb687d0c37e119ff2fe6a49cb03b7f10037137c9294079
296a20819f90b1b6469e4d3819d744486039a6fa8c85064e147368a8c8d840fb
2a78749f78474f71d16df5831a8741ffb5bc31227b233d9f8950f716c8152f0a
2aa406650d02194d02f50684cfed4d6ce76ea3c2fd17a643e1d9793d6d559e53
2af2aa60f45a1723a9088865687f20964145ca5f11b18a6c5253691bcd8dfdee
2b2ac5f2984c2c890fd690db56bf69ad686c92b54348a7c51deeb3484b8fe99f
2b6b2d4bc3cea5835ff36f284c438e37f5dbad2786afd8cec3200063124fcb6a
2be00176be4473c549a05a06fc284e15186c46c81d430fc903b3b18b0a24d0ce
2bfaa688d95f3ab90a5c9e73dd05d6827b411685f3237b6e7c34706b8681e445
2fdda2b62ec1c2cbb6bc0b77617232ce6ae40e0e6ea786cc1b4afd43b9fbb6f5
303d28cec54685d21cdb90d546f5c4c530aedf670f01fb63b2336ec391e86662
30d76ab1b9634f4916629e2aa245dce16825e821c3e48886ac51cf8cc1dfc044
3190051c5efbb7302d601250dd82282bce1b59b45818950f605fade6b5493287
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3377d4797615d90b310726ec1f66cc791f270acae6691044f46063938359e1ae
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37fb6a3c2bcab385de11a6d19fa63ba727c8a099317fa40d6941844a639152d6
3845869a51bea384409c38e0b428da617913e5557f12001868773e75a0836bf4
3a3b80d2da5b23aa0581ccc1177b05ac8a72d868dac6dc6084ff28b60c8c3050
3b6fe87cec54c1057d00c4dfc07a6afcb40766eedb93a2c09e846c972246498b
3d580f72f847e60a90013190aacc108148bcd82d8115565fa80a5162d7f716bf
3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f484bcaa99153f90c129c2206904b6bed43f28e7a45bf45ccb942f1f09631ce
3fceaeaf3c28c1da719a83844bbeb26db030cd2c187dd36f55e3ed95858b2f42
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
430e1bb0dcdc695ea1d1eca0fa65b13d3c791c559aaa9db857feb2c45afdbdb0
47f8dd82997002775c499f0423837014ab32ba82eb8618a560d4f56d3e3d7e4f
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49bf92a46b4b79c8c10edfd5ae84ff78edf267ae9a4e245946393bc668a7a30a
49cce362baa68aba9de3e5b79041390310b367c2c3aa2c62baa236316bfa586f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f41ea689c83498fbd45ad948229c6352a01982b5f95c74303903595f5c20175
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4
50229f8cb61d218f95621ea1cf8240ce4c723a4049f9d48b92a0e3f882361907
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53361a2d55736457bf03e5887dfbdd0c8fd8532ad82bf6f457ca2f3deb84ead4
5373732aa29605604527335f236ef5db993da9ff88d30b38cef51d4280c59cb3
5527acfbc16c1aba369254c889d87f435e73b00528e360c77db008339dd6761c
55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84
56cb8b0ff51816351c50a2097f1a3e9080046cb87f7189a1a510772db7a9af5c
57d17a8ea20280d11b5d3e7ee77633421c37c67b86a23908894af1f231239e8c
592c5c6a923544e013714f059bf8f77dd9a78e86a5dd16364dd0fd34af987b5c
594f97850153846b8103d82932f24ab98691a4361c65ca10b26f433fbde9fc0d
60116d0a1efea37cefb4204af56617fd8fd99be9ce43cc050e76579a0f9480e7
60e35ab493bbcff39bed424f8ed65f380ce299b2218cd1ec082ed3cbe717bb52
61152a6120b79c6d6a25f37d1cdb09fa0005675fe8789317b7b0be40f310a1da
611f83ab8f68ec42b22e8cef3c1d1bda597cca149d1210c5d695e479a7817167
613b0ee1b9104aadf7ad9f8f0521f17d610859e818aa6ad959865f4d99abb8ed
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
64f92ac5b3e5e53a9fbe7815fc07b9c10de1e6489f1c020041f543fb1c84ba3a
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
657c3b320182a15c3b15ea01814d2de305204ba9c6c18deeb0f3889ca78720ca
6593a5f2ae81292c595372d6515811b76cf94a646253629c78bd595bd21bef51
67c86383b39dd7ccc5d5cd5f9409c6929e2a9a47f5b7fb811fbfff49c64e51f6
67fd6a2020a7402397ff5eb19e0d7174a9c156bd716a67821262ea17c41aa3b5
68b13fb32ac97aaa547176f77229f00ec488d14fd5cc823f395f722deb56766f
69708e48c09056dbe09a59ebbf992261dbb2fcef90053cb0fd2b0ec605cc03ce
69cc79d7319f1f6b1d0709bd67e54da60188318ce7f57f6c56fa766f4bc0f90a
6a187e59c959c541b477855af39df95cc9a424916c333d9b0c1753e19649825c
6b8f1e95a6dc6d88e76418a7d1e328f414b84238a393116fcf0ade1dc375941c
6e822fa3f521b23835ef5cdadbe0efa44097a1858d78011239b698fc735dbea5
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fc87cc4a96100455e7995a1cc7b707d537ea4847d9f354883bb755b79f70aea
735896fb65aadc7751e4ce6bcd629f399f4f974cc9e36bab715e2a4536238609
73700d12b1f69e2e57145816286feb9cdf4c45b5195df3a2d220f7d932f329fe
73a8c8b71c727620ddf45dab25613dd77a27b466b81f91fc9973b757688db843
74c29c96b45f93cf1052fe616e3d0d99e328e107ce792ede3bb46c75005bc4f1
74edf718d73f502e60ac6438d410a47c424bc7e6e302abd66bc218db338013db
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
777092d156163fd88a7264c6fb6b80cfeccfbb9a7951a55a54a3df0922f24798
78387df2ae341fc5ce7674e93bbe99c7cd70d8e9cf034e723621096c97fee860
7b4b0e183cc890b5e7ca89ada7ccfa6f3de66a120a4e1aa151fc1a4755a2d500
7c2fd2fac13b6c4348d9e73a032dfd0b2b1131c9b927f5cd74402a1084684133
7c8a6888774843c183bcbd577ea9a47a8aaa694312d22ed7a8d40fa40ce0e67c
7d37c648aa88066cb3859c4799920acc46cbef3018a53504a521f4aafce87985
7e0652909f134a574590008eeb0b838fbe4db4fd04cebbc0604e2ade895514c7
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7f0130f24540ccb1db627505148ffdccda33f66ddc00dd3607d59c6d65e8c366
7f48b7b7156dccf8254dd1d0aba9f2a2adf2cfd51863f68dca712c277f471eda
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261
8206994ff08210448630fecd10eb45f55aa50040d4083ecc037727c88a2a77e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840417446517b60288a9d3475018fc355afbd9e1e2c435dda0ef5e1c08add0e9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853c923bec8aafc3344bd9dfdf81cb68d62e7965207e45411dfa89e9286da360
864d774e4d1600133cc0b1ef195acc4168562c48080442e5689057076ebd129a
87fd121893be089bb23e1793ed15beae6d8e2deff7f2837ef61728688ba8e785
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fc3a2941138c93f799d3f2a13cfe9fa095567d775599b5601117591ad3ceb6
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b8b3032c3f782f180b24c052332d87873a7376fad8e6a6eb2bbc7b1d28a192a
8c602c30c3d0f3e39f0614adc49f0608431ad2aeb8078a98c3999fdc4d262a0d
8d49532edeccd15e2611cc716d18eb3c2044c97f2507b6e3c56fa11fb5efef43
90522800375d2af39a942f1b7bba8c525ce5926ad91b6cc273eb2af6acfc18f5
907badcb91936cad3f99d9d8d16107e6db02b8986dab4ca0e6cb0689224759c0
90815e79e010de7cf9b3975b73718d611b55c758056d5ee409a59194e387ac62
90a80ad0ab08c8d764c542784ca204ffffca06d44bcf91670af0151a34dfb63c
93ec0ffe529b698331e7dcdd3e53c88962f4d939f0733941375dca5ba456f587
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
9546920b87935e7fafc877cbb68c9c926ab302ff22bd4491233d2770a3dd533c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9963a427c7b05e1ea3c923cfed992cfea294e980e42d754ba593cec66d285a07
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e9eaaf2e35f73ede028e48ae7eeb24323471c33e4924d1ae0bfb0c9f22e6b7c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a148b672f71ea0af3a5de16d27576c78bd86d47f30da37e0eee4f56cda0a3898
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a323ea4d420f000759dc95278605a701d670dd29cb477da6d8a6d9a78e06ea66
a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a594b8abaaa9ddc33c27a1ee8f36fd60765a2b488334597564a0665476843a2e
a59ab4648b8353801f24fe904d10594c5e3fc2a678745047f337fd77e1c0c96f
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6fa42c8ac54f1c4a2f5dfc80224964a0032b062c4ab482a92cb6db0f8122604
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9f9bbbfbd2aca097b350c02fdda05e72ccab0c9b56a29576a0688f121ef09bc
b07ebb9c6636b3dd30e0cfea84755b76a10a0a43d57d4a7a15d63d22a98284d5
b08ca073e776f8d59740788e00d84d178e06eacda305153540ec6beac726fc66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b9f895f84701ca7fd9dd678004f9d7be765bb7c7c7b8409ea080f645d581b163
bb25862428574b1f6c81b69a00cdc0c46a584a2a83f1e9500bad9701ff570372
bdae988100afcf19315d358cc2c33a6252eb67a6df3d7a90cf742a3c10e56870
bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72
bdfbbf9a47ccc8dcc9cb0604bb121a8ac35bba7f70bf4eea575177bbaef5cdff
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c4fa960349375f4943bb74165439a2d534a0eead7e15acfec8143f9d3663d0a3
c6da9d5f3ce44acc1da493c3e82a6d946de2ea06c00ebd485fd56813254bb4c9
c81f6241c39561fb1df11797bdf04b68474113a5e532ddce80c409eecb9ab5f7
c8b73ad2c530c3e6c34bf65c69abecd50717853a026ed95d5bf752c2f130d706
c8e56a6de93c8aae0e8a37d1e47d95ec3d4093c62e6a9f409b7bd3668dc25aa5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caed4c0ef39873fadbc4ca0152edb35c3a188013b1964d91b89134a6c9353191
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc6bac41e5a8a10a5cceb08823a125d9bab2b145becbf2eea0c03a7b547a8a58
cc6edc282fff929ae3990dfa1d0d1260cda84914d30b9308bcfa09c45ccc4f85
cf4c58655ccce3642c87e8591956ef9de8f3000686f58cb69ba166c1146e32e6
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d127899fa77adae7e7bb43caa02f75edd8a56ee6435e80a051e62632b7b4c9d4
d3b9ed04b027e1a7bd770bbdc284222c7598953667d8f058742305c411ab6469
d46339dafc1d32a8aaf81c5d90820b9fbd49576d95e42276b6319fcc5b8a8b99
d52bed0242ffcc95334accbb7cc711bc5c7b07464c8ad34b3a245ca4e0e2730d
d728b5966194fbd4fe7921275a66119a4ede6e24b848d19ae18c9758099c2d23
d75ff760beb35512790089d33edb9e817238246c13c9253e2ada5a7825ad3ea7
d89d29544ad7a238afa3d97b4c44e604c28f5f4a2abe58704f491d1c6899d105
d92f09ae07452c9469060bc4cc3e7a96341dd8d6ff5d9e6fd47a8f049321adbc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de968f76b38b39843f4aef49513c6ce95bd19f117f76d3b04ea23551f3b3fa92
e0dc7d5c0de19da6d905dd700393a7442275de3f2e4991ef609d695f7b2ce928
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48da5c4236c217961471989e60e050251d70dd293731d5884f54c020f5ddcb5
e4d21a447563fbf8e6c7fdec84bb7f180ec7295064706ea97d817fc397afff8d
e75913f20f466004f58d79f803b42c1e895ea48a19f5b7250c2dc480cbd4d22e
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e87306bc66a9508994f77972982dc78faf83cc960b04bbfef7d6186577cb60f9
ead86ebdeb06874667b8df645d1bab933227c3eb2d6fb7d2195f2f71714d62aa
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
ec76e23362b97b1b7aec0300d2d222b5bbde5592ea2b82a76fa27782b1a65e97
ecde615f07a602ce6b525c3ff1fbc69a7d00024d424b0f27c0f18aeae0959297
ed85338db2632fee8b26d93e7640258943700a768bc5c65b4e9782cff7538eb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef455a6eb787f310a2c3f2e20e475358dd8c72153ea39017f06e4dc6c673eac1
f0955965a084fd4ef9987320e207cf1b5af2d4456d99149accf25aafb42c049d
f248d2fcc7ea94c9e58b1a4576dd2a68e1a6394066645e7fb2824c54525b200f
f41139735dcf90699e2a54f0d44203b1fc726a39cdcbfdf0b9e965a17b74109f
f4123fffdff9a9e26202127a87781c5cee9afa520a374d688493f346905d29dd
f4daa970399ec0b9b2d86c886766ac1aee4e91b64e7cdeb73930a6264982204d
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f5ac37135b1519a5eefa4c2a5d27ced028c56e7a981f4a74e2391f00d1ef018b
f66438fdc72f60fb08fad25906cf0cda6bfeeb1a7bf5a79f729b638b52abc1f6
f7aabbca62b3dab4e7d15b5be8ff8d5a0f6184224d9b9d4dbb1e0649b602abb1
f88454f390cf5e441b0e39aaaf048f21267d1b5a6d8cbf8517c6afd48bd01d05
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f95585ae4c1c2f975a72ab3e69ce37ad1a86edab942be6593a75c0cee28c222b
f9ff49a66a623e77f9c5c90b010dcb5d344f04bd86fa5a294af83b7d836fac1f
fa0b958c3a912253190f6ddbf2047cb8a2190dc372893505c1a637625c3dbf5a
faee908c3c6c520580b45261c3453f787874e263befbed4a555741be85ea548c
fbfb7219560f3526872ce3da2ef95481b0076721f13615b473917bfa4966b497
fc0d58f64b5c52b2453baae3f378caf2ac9d509e24f8e87ce130a1de12b9752e

hellosehat.com Open in urlscan Pro 2606:4700:20::681a:17b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

361 Requests

96 %HTTPS

57 %IPv6

34 Domains

65 Subdomains

51 IPs

6 Countries

8356 kBTransfer

17847 kBSize

39 Cookies

20 Outgoing links

Page URL History

Redirected requests

361 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hellosehat.com Open in urlscan Pro
2606:4700:20::681a:17b Public Scan

Screenshot
Live screenshot

Full Image

361
Requests

96 %
HTTPS

57 %
IPv6

34
Domains

65
Subdomains

51
IPs

6
Countries

8356 kB
Transfer

17847 kB
Size

39
Cookies

361 HTTP transactions
7 data transactions