g-plans.com Open in urlscan Pro
34.68.56.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://g-plans.com/
Effective URL:
https://g-plans.com/
Submission: On March 21 via manual (March 21st 2023, 5:05:20 am UTC) from KW — Scanned from DE

Summary HTTP 84 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 24 domains to perform 84 HTTP transactions. The main IP is 34.68.56.245, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is g-plans.com. The Cisco Umbrella rank of the primary domain is 455284.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 19th 2022. Valid for: a year.

This is the only time g-plans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	34.68.56.245 34.68.56.245	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.122.47 18.66.122.47	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.46 65.9.66.46	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:3800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	18.64.144.178 18.64.144.178	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:16ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	35.172.81.43 35.172.81.43	14618 (AMAZON-AES) (AMAZON-AES)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
84	30

35 34.68.56.245 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.56.68.34.bc.googleusercontent.com

g-plans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-47.fra60.r.cloudfront.net

polaris.truevaultcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-46.fra56.r.cloudfront.net

location.truevaultcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.144.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-144-178.mct50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:16ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.81.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-81-43.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	g-plans.com 1 redirects g-plans.com — Cisco Umbrella Rank: 455284	7 MB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 82	847 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 static.doubleclick.net — Cisco Umbrella Rank: 241 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	3 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 215	31 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4219	15 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2654 rp.liadm.com — Cisco Umbrella Rank: 1516	15 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	269 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6069	562 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1128	878 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	35 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1391 insight.adsrvr.org — Cisco Umbrella Rank: 549	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 438	7 KB
2	truevaultcdn.com polaris.truevaultcdn.com — Cisco Umbrella Rank: 67091 location.truevaultcdn.com — Cisco Umbrella Rank: 81175	23 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 612	394 B
1	t.co t.co — Cisco Umbrella Rank: 507	377 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1503	157 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 4341	230 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 4504	190 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1352	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 619	15 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1677
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	44 KB
0	formcred.com Failed formcred.com Failed
84	24

	Domain	Requested by
35	g-plans.com	1 redirects g-plans.com
9	www.youtube.com	g-plans.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googletagmanager.com
3	www.googletagmanager.com	g-plans.com www.googletagmanager.com
2	rp.liadm.com	1 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.de	g-plans.com
2	sp.analytics.yahoo.com	g-plans.com
2	www.google.com	www.youtube.com g-plans.com
2	cdnjs.cloudflare.com	g-plans.com
2	s.yimg.com	g-plans.com s.yimg.com
2	fonts.gstatic.com	www.youtube.com
1	insight.adsrvr.org	js.adsrvr.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	analytics.twitter.com	g-plans.com
1	t.co	g-plans.com
1	alb.reddit.com	g-plans.com
1	static.doubleclick.net	www.youtube.com
1	action.media6degrees.com	g-plans.com
1	action.dstillery.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	www.redditstatic.com	g-plans.com
1	static.ads-twitter.com	g-plans.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	location.truevaultcdn.com	polaris.truevaultcdn.com
1	polaris.truevaultcdn.com	g-plans.com
0	formcred.com Failed	g-plans.com
84	31

This site contains links to these domains. Also see Links.

Domain
shop.g-plans.com
blog.g-plans.com
help.g-plans.com
apps.apple.com
play.google.com
goglianutrition.myshopify.com
privacy.g-plans.com

Subject Issuer	Validity	Valid
*.g-plans.com AlphaSSL CA - SHA256 - G2	`2022-08-19` - `2023-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
polaris.truevaultcdn.com Amazon RSA 2048 M01	`2023-02-22` - `2023-06-16`	4 months	crt.sh
location.truevaultcdn.com Amazon RSA 2048 M02	`2023-02-23` - `2023-07-21`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://g-plans.com/
Frame ID: 6B2A82C604FF2F2744CCFB6F614619AA
Requests: 65 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XXI7lhrSYvo
Frame ID: 7390880BE2D5FBAFE7FE064C8D3922CE
Requests: 18 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2F&upid=2eko8m2&upv=1.1.0
Frame ID: 885AAE06B689194E0C24237EB60AA847
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

G-Plans | Customized Nutrition & Weight Loss Programs Made Just For You | Take the Quiz Now!

Page URL History Show full URLs

http://g-plans.com/ HTTP 301
https://g-plans.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

84
Requests

95 %
HTTPS

62 %
IPv6

24
Domains

31
Subdomains

30
IPs

5
Countries

8237 kB
Transfer

11860 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.g-plans.com/
Title: Supplements

Search URL Search Domain Scan URL

URL: https://blog.g-plans.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://help.g-plans.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/g-plans-customized-nutrition/id1287437272

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.gplans

Search URL Search Domain Scan URL

URL: https://goglianutrition.myshopify.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://privacy.g-plans.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://help.g-plans.com/en/collections/3121008-general-questions
Title: Frequently asked questions

Search URL Search Domain Scan URL

URL: https://help.g-plans.com/en/articles/1594035-how-do-i-log-in-to-my-mobile-app
Title: Trouble logging in?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://g-plans.com/ HTTP 301
https://g-plans.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://action.dstillery.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43

Request Chain 49

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 81

https://rp.liadm.com/j?dtstmp=1679375114071&aid=a-00om&se=e30&duid=4683703cbddb--01gw18x7kem0rkrpsz14dpqv98&tna=v2.7.0&pu=https%3A%2F%2Fg-plans.com%2F&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBDdXN0b21pemVkIE51dHJpdGlvbiAmYW1wOyBXZWlnaHQgTG9zcyBQcm9ncmFtcyBNYWRlIEp1c3QgRm9yIFlvdSB8IFRha2UgdGhlIFF1aXogTm93ITwvdGl0bGU-PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgZGF0YS1oaWQ9ImRlc2NyaXB0aW9uIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bWV0YSBkYXRhLW4taGVhZD0ic3NyIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iR2V0IGEgZnVsbHkgY3VzdG9taXplZCB3ZWlnaHQgbG9zcyBvciBudXRyaXRpb24gcHJvZ3JhbSBmb3IgeW91ciBoZWFsdGggYW5kIHdlbGxuZXNzIGdvYWxzLiBDcmVhdGVkIGJ5IE51dHJpdGlvbmlzdCB0byB0aGUgU3RhcnMsIERyLiBQaGlsaXAgR29nbGlhLiBUYWtlIHRoZSBRdWl6IE5vdyEiPjxoMSBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEiPk51dHJpdGlvbiBKdXN0PGJyIGNsYXNzPSJub21vYmlsZSI-CiAgICAgICAgICAgIEZvciA8c3BhbiBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEtYmx1ZSB0eXBld3JpdGUiPjxzcGFuIGNsYXNzPSJ0ZXh0LXNlbGVjdCI-WW91PHNwYW4gY2xhc3M9InRleHQtY3Vyc29yIj48L3NwYW4-PC9zcGFuPjwvc3Bhbj48L2gxPg HTTP 302
https://rp.liadm.com/j?dtstmp=1679375114071&aid=a-00om&se=e30&duid=4683703cbddb--01gw18x7kem0rkrpsz14dpqv98&tna=v2.7.0&pu=https%3A%2F%2Fg-plans.com%2F&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBDdXN0b21pemVkIE51dHJpdGlvbiAmYW1wOyBXZWlnaHQgTG9zcyBQcm9ncmFtcyBNYWRlIEp1c3QgRm9yIFlvdSB8IFRha2UgdGhlIFF1aXogTm93ITwvdGl0bGU-PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgZGF0YS1oaWQ9ImRlc2NyaXB0aW9uIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bWV0YSBkYXRhLW4taGVhZD0ic3NyIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iR2V0IGEgZnVsbHkgY3VzdG9taXplZCB3ZWlnaHQgbG9zcyBvciBudXRyaXRpb24gcHJvZ3JhbSBmb3IgeW91ciBoZWFsdGggYW5kIHdlbGxuZXNzIGdvYWxzLiBDcmVhdGVkIGJ5IE51dHJpdGlvbmlzdCB0byB0aGUgU3RhcnMsIERyLiBQaGlsaXAgR29nbGlhLiBUYWtlIHRoZSBRdWl6IE5vdyEiPjxoMSBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEiPk51dHJpdGlvbiBKdXN0PGJyIGNsYXNzPSJub21vYmlsZSI-CiAgICAgICAgICAgIEZvciA8c3BhbiBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEtYmx1ZSB0eXBld3JpdGUiPjxzcGFuIGNsYXNzPSJ0ZXh0LXNlbGVjdCI-WW91PHNwYW4gY2xhc3M9InRleHQtY3Vyc29yIj48L3NwYW4-PC9zcGFuPjwvc3Bhbj48L2gxPg&n3pc=true

84 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
g-plans.com/
Redirect Chain

http://g-plans.com/
https://g-plans.com/

95 KB
19 KB

353ms
118ms

Document
text/html

34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 4aae9b8c8135ef067d24601a3aa5bfb137265e4c4ff9fde87d88570dea41b3a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 21 Mar 2023 05:05:12 GMT
etag: W/"63fc4464-17c85"
last-modified: Mon, 27 Feb 2023 05:49:24 GMT
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 21 Mar 2023 05:05:12 GMT
Location: https://g-plans.com/

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
81 KB 49ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cf19f45e51ec669414c94914c4970b27bddf6c83150013e7e521d1e07d1eac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82475
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Mar 2023 05:05:12 GMT

GET
H2 200 db4fc9f.js Show response
g-plans.com/_nuxt/ 2 KB
1 KB 226ms
224ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/db4fc9f.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 01cdc8db95d86d35a3cda35ab6d4ac090f14ffa3a58517332b56601f78c2224b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-9e9"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 253449d.js Show response
g-plans.com/_nuxt/ 215 KB
88 KB 119ms
118ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/253449d.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: df797afe003ee030a887dc7c73eb85ab547fa79084b416eb55fe3363805f2e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-35dbf"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 1de7af1.js Show response
g-plans.com/_nuxt/ 67 KB
26 KB 350ms
349ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/1de7af1.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e8082a937c17e5571179ba6c0261347d57a0ddb0fbbbe900ab2d87b37d40865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-10b41"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 daf605d.js Show response
g-plans.com/_nuxt/ 61 KB
21 KB 339ms
338ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/daf605d.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 2f3bf408c888689b93072127b9851a6f64ac57c2dd4fb72ac9e09395777f9893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-f2ad"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ee16e76.js Show response
g-plans.com/_nuxt/ 61 KB
16 KB 352ms
351ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/ee16e76.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 620ee4ae0aa2308a46f78872f526d8b15627bc0d4b9ff13d083849aefd6d306b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-f3a9"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 4072165.js Show response
g-plans.com/_nuxt/ 37 KB
10 KB 234ms
233ms Script
application/javascript 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/4072165.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 32a592d3016ebf5ddb93769802d941e105087d8ca3f8eb471101540ef791dc62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-92ad"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 polaris.js Show response
polaris.truevaultcdn.com/static/ 85 KB
22 KB 60ms
7ms Script
application/javascript 18.66.122.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://polaris.truevaultcdn.com/static/polaris.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9943c1f5b908ac58b0ebae7386d6b6327f7d00d297f44fbd24838e72fe6cb859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: SWN7Zz15OHgs_nRjrynOhi0QtjIRW0V0
content-encoding: gzip
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
date: Tue, 21 Mar 2023 02:07:56 GMT
last-modified: Fri, 03 Mar 2023 06:13:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 13252
x-amz-server-side-encryption: AES256
etag: W/"c03627768f5414df8e6864f73998f5aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cdavx7BUi3rit9_sOraLmo5depmERMSui-yXOSs_63qXOSdzGlS7Tw==

GET
H2 200 / Show response
location.truevaultcdn.com/ 28 B
380 B 54ms
6ms Fetch 65.9.66.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://location.truevaultcdn.com/
Requested by: Host: polaris.truevaultcdn.com
URL: https://polaris.truevaultcdn.com/static/polaris.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-46.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 03:02:50 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
age: 7342
vary: Cloudfront-Viewer-Country,Cloudfront-Viewer-Country-Region
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
access-control-allow-origin: *
x-country: DE
x-region
content-length: 28
x-amz-cf-id: S4aSFGf_TiCgvDJpWF9a0SRWtREZmFLi7qfQ_6HgX9GEmAa3VcIiAg==

GET
H2 200 XXI7lhrSYvo Show response
www.youtube.com/embed/ Frame 7390 72 KB
31 KB 98ms
76ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XXI7lhrSYvo

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27cd6ec03c98ca3e17204606299039baaf300f35d0f35c67f2a81454a88334ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g-plans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 05:05:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 417 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c10b8c9ce6fdbc2e4a5550ea8bd33a7b077752cfe1db3cf33837950fc92a5d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa01d97e5641e428fc4285f8f93fe3f9fce63b7f1824fe9fc4e88291791ece70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 running-metabolism.9e94d35.mp4
g-plans.com/_nuxt/videos/ 213 KB
214 KB 229ms
228ms Media
video/mp4 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/videos/running-metabolism.9e94d35.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 0e42c2b6f44b40ade539a9acccd78267d9cb1741c80d8a3f44aae98f78ddfad7

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-218495/218496
date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: "63fc4462-35580"
Content-Length: 218496
content-type: video/mp4

GET
H2 206 pickyourfoods.c69b9ea.mp4
g-plans.com/_nuxt/videos/ 1 MB
1 MB 234ms
234ms Media
video/mp4 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/videos/pickyourfoods.c69b9ea.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 945d231c359a6f4ea24383aca71af1159d880378e1c801dd5bb270fd2265e2f6

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1183623/1183624
date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: "63fc4462-120f88"
Content-Length: 1183624
content-type: video/mp4

GET
H2 206 notalone.9717dc4.mp4
g-plans.com/_nuxt/videos/ 3 MB
3 MB 228ms
228ms Media
video/mp4 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/videos/notalone.9717dc4.mp4
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 9ac15a9d119867551af89966e5b40a33b5b68732947422627587a9147eebb133

Request headers

Referer: https://g-plans.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-3576482/3576483
date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: "63fc4462-3692a3"
Content-Length: 3576483
content-type: video/mp4

GET
H2 200 GreycliffCF-DemiBold.47fb8c3.woff
g-plans.com/_nuxt/fonts/ 37 KB
37 KB 819ms
817ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/fonts/GreycliffCF-DemiBold.47fb8c3.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: bd13cc4af3616365032d28db25b9c449a1c3abbd04653d20aa0e6765c47b1d41

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-9488"
content-length: 38024
content-type: font/woff

GET
H2 200 GreycliffCF-Bold.ac1b672.woff
g-plans.com/_nuxt/fonts/ 37 KB
37 KB 350ms
349ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/fonts/GreycliffCF-Bold.ac1b672.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 1d48a6d593d7b48e16c2f70f8c72f8ac344042e294d30d5138c71e5bd9305a17

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-9320"
content-length: 37664
content-type: font/woff

GET
H2 200 GreycliffCF-Regular.e34fd4a.woff
g-plans.com/_nuxt/fonts/ 36 KB
37 KB 823ms
822ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/fonts/GreycliffCF-Regular.e34fd4a.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 4a01db98ae177a32788519ba5dc32b56c498c5fc3c38280f01c0814be7f52916

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-91d8"
content-length: 37336
content-type: font/woff

GET
H2 200 GreycliffCF-DemiBoldOblique.ac2cf79.woff
g-plans.com/_nuxt/fonts/ 38 KB
39 KB 568ms
568ms Font
font/woff 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g-plans.com/_nuxt/fonts/GreycliffCF-DemiBoldOblique.ac2cf79.woff
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 591140079354731f3faa47abf9a0363b313357b1d56eca39b06b84ac15782316

Request headers

Referer: https://g-plans.com/
Origin: https://g-plans.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-993c"
content-length: 39228
content-type: font/woff

GET
H2 200 gp-logo.1658662.svg
g-plans.com/_nuxt/img/ 3 KB
2 KB 1339ms
1336ms Image
image/svg+xml 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gp-logo.1658662.svg
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6afe1b1c340c8902bb80e674469bc6b349fdd9613fcdd39f33bf482e11610c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-c07"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 gplans-1.f88792b.webp
g-plans.com/_nuxt/img/ 100 KB
101 KB 988ms
985ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-1.f88792b.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6b9297766f131616c25afe958dfdfe9372e6ad44875b9efec991dca2a11f2060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-190b4"
content-length: 102580
content-type: image/webp

GET
H2 200 gplans-4.b987bff.webp
g-plans.com/_nuxt/img/ 133 KB
133 KB 1471ms
1469ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-4.b987bff.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: ae6676d7a1411c78153487dc6aa8623895dbc7934c3df82a147d1ba76bac9dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-2120c"
content-length: 135692
content-type: image/webp

GET
H2 200 gplans-5.0ea7505.webp
g-plans.com/_nuxt/img/ 292 KB
292 KB 1006ms
1004ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-5.0ea7505.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 4c13c649bdc8df3758fb09ebb7b503d800cad2e2015ef61f0d1b2992297ca537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-48ebe"
content-length: 298686
content-type: image/webp

GET
H2 200 gplans-6.c8e63f7.webp
g-plans.com/_nuxt/img/ 228 KB
228 KB 1553ms
1550ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-6.c8e63f7.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 0be08c1c9e74e2a1d65dced80f2dbc6e59ca5a77b4411e9374d593a8ebdfa2db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-38e50"
content-length: 233040
content-type: image/webp

GET
H2 200 gplans-7.1b3c4b4.webp
g-plans.com/_nuxt/img/ 12 KB
12 KB 1046ms
1044ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-7.1b3c4b4.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: f6e1ebdefd612b821bbf264792aafa460c4acce4aa4950377658bbefae6f5080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-2f18"
content-length: 12056
content-type: image/webp

GET
H2 200 gplans-8.167adff.webp
g-plans.com/_nuxt/img/ 12 KB
12 KB 1568ms
1566ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-8.167adff.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: bb8a20a114ff1e1ae667fb805c855421d20d1222ed18b3065f18a385687989f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-2f9a"
content-length: 12186
content-type: image/webp

GET
H2 200 screen-shot-2020-10-14-at-4-14-33-pm.88d1048.webp
g-plans.com/_nuxt/img/ 5 KB
5 KB 1623ms
1622ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/screen-shot-2020-10-14-at-4-14-33-pm.88d1048.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: b918963194e68b3e75a0897faec0192fcb34b90f92cb488bcfdc7fedbc5f6742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-143e"
content-length: 5182
content-type: image/webp

GET
H2 200 gplans-14.26f83ed.png
g-plans.com/_nuxt/img/ 140 KB
140 KB 1624ms
1623ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-14.26f83ed.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 065200f969c07d32580f9f48fa4971e3d5505b0e2234161adb24c175867384fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-22fff"
content-length: 143359
content-type: image/png

GET
H2 200 gplans-17.c68b5e5.webp
g-plans.com/_nuxt/img/ 149 KB
150 KB 1568ms
1567ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-17.c68b5e5.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: d335be690bac4f54f699eceb3c89ef0e15c9693739fd0b5fe2046c53b7136835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:12 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-25572"
content-length: 152946
content-type: image/webp

GET 1.js
formcred.com/js/ 0
0

GET
H2 200 www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 7390 399 KB
51 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 02:51:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51796
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 20 Mar 2024 02:51:04 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 7390 346 KB
108 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110099
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 20 Mar 2024 04:56:09 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 7390 2 MB
611 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0786c93417ede2a0a5d482288da45887ce070d846d7c1e5f7c882a3268f17c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 01:06:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624818
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 01:06:41 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 7390 9 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 04:54:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 20 Mar 2024 04:54:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7390 15 KB
15 KB 44ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 394688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 15:27:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7390 15 KB
16 KB 41ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 470188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 18:28:44 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 112 KB
44 KB 43ms
22ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-P6PGJXK

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db45eda8d12a49751514658c6286aa9ac4465d0d9a48aea2cdcb214cbf93a647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44944
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Mar 2023 05:05:13 GMT

GET
H2 410 6036.js
script.crazyegg.com/pages/scripts/0020/ 0
0 68ms
16ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0020/6036.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Mar 2023 02:30:25 GMT
server: cloudflare
age: 9288
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 7ab3a8988b373665-FRA
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
94 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-774287094

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3c1a5a1892419d01a66e922aca5c4f754a7493fa201dcae3ff4a2414a8fb0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Mar 2023 05:05:13 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 21ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220045-HHN

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 31ms
6ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 a-00om.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 524ms
15ms Script
application/javascript 2600:9000:223c:3800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00om.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dfa5296ebb7da606e1987f169353abf13163d85f4a67253baf9e280c84c73ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 04:04:41 GMT
content-encoding: gzip
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3632
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: OQtTgdlg9_atc6uea6sS4DxcmSd8qHNWpqFmXEsb0_o5VAWITKPGrA==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 56ms
13ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: JN4T84VZP15Z8JNE
age: 1
x-amz-server-side-encryption: AES256
x-amz-id-2: jCPB+iVWmV9ayKHz5jJ/6Izv5aiLB1qy7ixw1tppd74mfN1AXwEiAb6RIrTyqCTn8JjjhzqnWNI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 610ms
199ms Script
application/x-javascript 18.64.144.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.144.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-144-178.mct50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 07:56:02 GMT
Content-Encoding: gzip
Via: 1.1 43d47d0158bc461a90165b6d286cc9d6.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MCT50-P1
Age: 76152
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: AdkEdR67PvFuNtSu2GxYNGswtC0V8nAYbIIA6e0qYfA843t5mycbZA==

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43

5 B
230 B

136ms
125ms

Script
text/html

2606:4700::6812:16ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Server: 2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7ab3a89c6c0a9bca-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1030212&ns=5613&nc=G-Plans_Site_Visitors&ncv=43
access-control-allow-origin: *
date: Tue, 21 Mar 2023 05:05:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ab3a8993f5c9bca-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LL1EG3X32V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87JC&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54f830a89fd1108a086fda16e48653eb63ba6aaeffd7b216adacd71f06b6da72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Mar 2023 05:05:13 GMT

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/js/ 138 KB
31 KB 39ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/js/swiper.min.js

Requested by

Host: g-plans.com
URL: https://g-plans.com/_nuxt/4072165.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1772826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31065
last-modified: Tue, 16 Jun 2020 14:26:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ee8d6b2-22681"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=975JlD2Ljl8zIALodXlNHrYWjnJ8nrJb%2B3zlTUrh1MrKTSB8F%2BAqGMCxpLUzD1YOs3eiec1OSLuyb42BXRkCIKYkdET56XE1dw2p19kG3%2B8dHyacaN0nB9g5nEIDCqzuBbt7VXeuMXR8NSstd66fvuLD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab3a8989b24690d-FRA
expires: Sun, 10 Mar 2024 05:05:13 GMT

GET
H2 200 cookie-icon.8a6fdca.svg
g-plans.com/_nuxt/img/ 1 KB
644 B 1487ms
1474ms Image
image/svg+xml 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/cookie-icon.8a6fdca.svg
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6d6335515725103259da9d89189f6ef7c7e2c21d8925b2b705952e3190aeeb0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
etag: W/"63fc4462-42b"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/css/ 13 KB
4 KB 37ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/5.4.5/css/swiper.min.css

Requested by

Host: g-plans.com
URL: https://g-plans.com/_nuxt/4072165.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 67642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3573
last-modified: Tue, 16 Jun 2020 14:26:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ee8d6b2-356d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3prBeO9A0delio3fkqmhZiChvsR5bh%2BE7t8%2F3yzciHE5JWdHxVXuXfm615Nvyc8iPdtGhkVZpQ6M4Z8sXzd1lKyIn3gdmyay9fDd01ZQXWbNqCw%2FVowij6NNWGymwHq%2BLpFJh3wEuM5YlaxPWrvBCIo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ab3a8989b23690d-FRA
expires: Sun, 10 Mar 2024 05:05:13 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7390
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

14ms
14ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XXI7lhrSYvo

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09e8fe9b3d3d0646036bd78a4831bf993bb9e26e7dd5a6d6ac8fac2c529c8666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Mar 2023 05:05:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7390 29 B
494 B 33ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 04:53:31 GMT
x-content-type-options: nosniff
age: 702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Mar 2023 05:08:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 49ms
17ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 05:05:13 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7390 66 KB
31 KB 24ms
22ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40ff417ac4fd97de45b6ca2a731421750abf857923bb589ac5e92cd4f50d64d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31063
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 7390 116 KB
36 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd6fe8e7ae1c62891cb5eddccffd0e4fe658520f3c086c32d6c2efbd3c1e47af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36475
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Mar 2024 10:41:27 GMT

GET
H2 200 W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js Show response
www.google.com/js/th/ Frame 7390 36 KB
15 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/W1rPsxnPvRrAUqr6O9TSVsmAP55o0wYEfnX-BwJJajM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 20:39:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14357
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 20:39:03 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 7390 27 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b624474cafaf891480d3b946b92e5e5181a58b85a452f86458fd7985b273a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8702
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Mar 2024 21:33:22 GMT

GET
H2 200 gplans-20.e15dac7.webp
g-plans.com/_nuxt/img/ 178 KB
178 KB 1268ms
1261ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-20.e15dac7.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 292e04b444a6eb2f7a8b324e73ebc212f5580bae66265c269a4ad35703d21966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-2c660"
content-length: 181856
content-type: image/webp

GET
H2 200 testimonial-1.6d709ec.png
g-plans.com/_nuxt/img/ 37 KB
37 KB 1368ms
1361ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/testimonial-1.6d709ec.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: e4e40bd20a3afab8aeeb0c2607c44c4d555a9b4992e3e742c8f4a79a690a3a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-937d"
content-length: 37757
content-type: image/png

GET
H2 200 testimonial-9.68b76d0.png
g-plans.com/_nuxt/img/ 60 KB
61 KB 1287ms
1280ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/testimonial-9.68b76d0.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 79f2f25e50fa8e5c882c3b1ff327192023204f293b1e56a8b03f3640972c8192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-f115"
content-length: 61717
content-type: image/png

GET
H2 200 testimonial-2.ec1882d.png
g-plans.com/_nuxt/img/ 39 KB
39 KB 1287ms
1281ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/testimonial-2.ec1882d.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 58659283571bafc77685ded0e7a27c5c79433bffca71645839693e8e520c6a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-9c0e"
content-length: 39950
content-type: image/png

GET
H2 200 testimonial-6.a4d00fa.png
g-plans.com/_nuxt/img/ 55 KB
55 KB 1304ms
1299ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/testimonial-6.a4d00fa.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6e17d4a91bad7895c76e772bed9ea2c76002227e3938806c7711f53f9f4ca408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-dc6f"
content-length: 56431
content-type: image/png

GET
H2 200 testimonial-3.0cee7dc.png
g-plans.com/_nuxt/img/ 53 KB
54 KB 1367ms
1362ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/testimonial-3.0cee7dc.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: df96a4bb6577c31c073c48eaa2906085b02d5f55a71880ceba7ccdf414fc03c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-d570"
content-length: 54640
content-type: image/png

GET
H2 200 testimonial-7.0930fdb.png
g-plans.com/_nuxt/img/ 43 KB
43 KB 1320ms
1314ms Image
image/png 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/testimonial-7.0930fdb.png
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 6cacc924faa11849352a99bb7ea954fb2e351cd662afea642f0453d780025c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-aa36"
content-length: 43574
content-type: image/png

GET
H2 200 10140037.json Show response
s.yimg.com/wi/config/ 2 B
450 B 44ms
14ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10140037.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 04:58:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: PCQ8QBFCKNCW1XZJ
age: 390
content-length: 2
x-amz-id-2: +HUvXv3SjoVEGCmBsmQgb9Q8BQIwfqe86Ak3HwgU2rXABciWum+V/bvcW/1sGypDd3rLNtx6udg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 153ms
112ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1679375113346&id=t2_3q6ydxe0&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=1bb45dcd-daa6-49ac-ae10-68005cc22f23&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 gplans-17-2.088f2bb.webp
g-plans.com/_nuxt/img/ 40 KB
40 KB 1302ms
1301ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-17-2.088f2bb.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: d5127e52e6b42784d26f17b34e58e35634172c7ee21c35dc80972dd24759288c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-a0e6"
content-length: 41190
content-type: image/webp

GET
H2 200 gplans-17-3.01367ff.webp
g-plans.com/_nuxt/img/ 86 KB
86 KB 1302ms
1301ms Image
image/webp 34.68.56.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-plans.com/_nuxt/img/gplans-17-3.01367ff.webp
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.56.245 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 245.56.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 2eecc9eebdf3ba46e39175f411575c86dd0b2a1b81ffbae6a880306e8d22c4ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
last-modified: Mon, 27 Feb 2023 05:49:22 GMT
accept-ranges: bytes
etag: "63fc4462-1568e"
content-length: 87694
content-type: image/webp

GET
H2 200 adsct
t.co/i/ 43 B
377 B 197ms
137ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e460dd09-05ec-4438-b0ff-31638d058129&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1b2a9696-e135-401e-8040-d59c4cb14704&tw_document_href=https%3A%2F%2Fg-plans.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o20xo&type=javascript&version=2.3.29

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 21 Mar 2023 05:05:13 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8a531972e57f65ba
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 88a057bfe3c6424cd6eb863073c1ea5dcad0c25ab92929910ed8ce21fe548899
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 196ms
136ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e460dd09-05ec-4438-b0ff-31638d058129&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1b2a9696-e135-401e-8040-d59c4cb14704&tw_document_href=https%3A%2F%2Fg-plans.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o20xo&type=javascript&version=2.3.29

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 21 Mar 2023 05:05:13 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a03ee3cf516d2a07
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 92321d8f7041973715eef9ac9cb1b9de257c912b9c2c84a477910d47a3b7ff88
content-length: 43

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 101ms
33ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2021%20Mar%202023%2005%3A05%3A13%20GMT&n=0&b=G-Plans%20%7C%20Customized%20Nutrition%20%26%20Weight%20Loss%20Programs%20Made%20Just%20For%20You%20%7C%20Take%20the%20Quiz%20Now!&.yp=10140037&f=https%3A%2F%2Fg-plans.com%2F&enc=UTF-8&us_privacy=1---&yv=1.13.0&tagmgr=gtm

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 21 Mar 2023 05:05:13 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 108ms
40ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=G-Plans%20%7C%20Customized%20Nutrition%20%26%20Weight%20Loss%20Programs%20Made%20Just%20For%20You%20%7C%20Take%20the%20Quiz%20Now!&.yp=10140037&f=https%3A%2F%2Fg-plans.com%2F&enc=UTF-8&us_privacy=1---&yv=1.13.0&tagmgr=gtm

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 21 Mar 2023 05:05:13 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774287094/ 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774287094/?random=1679375113415&cv=11&fst=1679375113415&bg=ffffff&guid=ON&async=1&gtm=45je33f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fg-plans.com%2F&tiba=G-Plans%20%7C%20Customized%20Nutrition%20%26%20Weight%20Loss%20Programs%20Made%20Just%20For%20You%20%7C%20Take%20the%20Quiz%20Now!&us_privacy=1---&auid=1902531422.1679375113&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LL1EG3X32V&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00c4a3265adc4542a6dac7be2c3b1bbecf57bb514f89db55e60deefb1f11fa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 48ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LL1EG3X32V&gtm=45je33f0&_p=1498457502&_gaz=1&cid=357485631.1679375113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679375113&sct=1&seg=0&dl=https%3A%2F%2Fg-plans.com%2F&dt=G-Plans%20%7C%20Customized%20Nutrition%20%26%20Weight%20Loss%20Programs%20Made%20Just%20For%20You%20%7C%20Take%20the%20Quiz%20Now!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LL1EG3X32V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g-plans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 87ms
23ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LL1EG3X32V&cid=357485631.1679375113&gtm=45je33f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LL1EG3X32V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://g-plans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 74ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LL1EG3X32V&cid=357485631.1679375113&gtm=45je33f0&aip=1&z=958954986

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7390 90 B
134 B 19ms
17ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

263de36bf1ac1f999aa4634e7c4bc66bdebc76e95938cfedcfbcfdc590af5bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 21 Mar 2023 05:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 19ms
18ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 21 Mar 2023 05:05:13 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/774287094/ 42 B
340 B 23ms
19ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774287094/?random=1679375113415&cv=11&fst=1679374800000&bg=ffffff&guid=ON&async=1&gtm=45je33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fg-plans.com%2F&tiba=G-Plans%20%7C%20Customized%20Nutrition%20%26%20Weight%20Loss%20Programs%20Made%20Just%20For%20You%20%7C%20Take%20the%20Quiz%20Now!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3830446782&rmt_tld=0&ipr=y

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/774287094/ 42 B
154 B 44ms
40ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/774287094/?random=1679375113415&cv=11&fst=1679374800000&bg=ffffff&guid=ON&async=1&gtm=45je33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fg-plans.com%2F&tiba=G-Plans%20%7C%20Customized%20Nutrition%20%26%20Weight%20Loss%20Programs%20Made%20Just%20For%20You%20%7C%20Take%20the%20Quiz%20Now!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3830446782&rmt_tld=1&ipr=y

Requested by

Host: g-plans.com
URL: https://g-plans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 05:05:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7390 0
10 B 49ms
42ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?z8C37A
Requested by: Host: g-plans.com
URL: https://g-plans.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7390 4 KB
2 KB 70ms
17ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 05:05:14 GMT

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1679375114071&aid=a-00om&se=e30&duid=4683703cbddb--01gw18x7kem0rkrpsz14dpqv98&tna=v2.7.0&pu=https%3A%2F%2Fg-plans.com%2F&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUG...
https://rp.liadm.com/j?dtstmp=1679375114071&aid=a-00om&se=e30&duid=4683703cbddb--01gw18x7kem0rkrpsz14dpqv98&tna=v2.7.0&pu=https%3A%2F%2Fg-plans.com%2F&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUG...

13 B
562 B

99ms
99ms

XHR
application/json

35.172.81.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp.liadm.com/j?dtstmp=1679375114071&aid=a-00om&se=e30&duid=4683703cbddb--01gw18x7kem0rkrpsz14dpqv98&tna=v2.7.0&pu=https%3A%2F%2Fg-plans.com%2F&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBDdXN0b21pemVkIE51dHJpdGlvbiAmYW1wOyBXZWlnaHQgTG9zcyBQcm9ncmFtcyBNYWRlIEp1c3QgRm9yIFlvdSB8IFRha2UgdGhlIFF1aXogTm93ITwvdGl0bGU-PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgZGF0YS1oaWQ9ImRlc2NyaXB0aW9uIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bWV0YSBkYXRhLW4taGVhZD0ic3NyIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iR2V0IGEgZnVsbHkgY3VzdG9taXplZCB3ZWlnaHQgbG9zcyBvciBudXRyaXRpb24gcHJvZ3JhbSBmb3IgeW91ciBoZWFsdGggYW5kIHdlbGxuZXNzIGdvYWxzLiBDcmVhdGVkIGJ5IE51dHJpdGlvbmlzdCB0byB0aGUgU3RhcnMsIERyLiBQaGlsaXAgR29nbGlhLiBUYWtlIHRoZSBRdWl6IE5vdyEiPjxoMSBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEiPk51dHJpdGlvbiBKdXN0PGJyIGNsYXNzPSJub21vYmlsZSI-CiAgICAgICAgICAgIEZvciA8c3BhbiBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEtYmx1ZSB0eXBld3JpdGUiPjxzcGFuIGNsYXNzPSJ0ZXh0LXNlbGVjdCI-WW91PHNwYW4gY2xhc3M9InRleHQtY3Vyc29yIj48L3NwYW4-PC9zcGFuPjwvc3Bhbj48L2gxPg&n3pc=true

Protocol

Server

35.172.81.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-172-81-43.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g-plans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 05:05:14 GMT
x-pixel-event-id: f2cf1e6a-ae8e-43c5-8839-e27bd37c2933
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: https://g-plans.com
access-control-allow-credentials: true
trace-id: 6f2f97928a563c55
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 21 Mar 2023 05:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: /j?dtstmp=1679375114071&aid=a-00om&se=e30&duid=4683703cbddb--01gw18x7kem0rkrpsz14dpqv98&tna=v2.7.0&pu=https%3A%2F%2Fg-plans.com%2F&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPkctUGxhbnMgfCBDdXN0b21pemVkIE51dHJpdGlvbiAmYW1wOyBXZWlnaHQgTG9zcyBQcm9ncmFtcyBNYWRlIEp1c3QgRm9yIFlvdSB8IFRha2UgdGhlIFF1aXogTm93ITwvdGl0bGU-PG1ldGEgZGF0YS1uLWhlYWQ9InNzciIgZGF0YS1oaWQ9ImRlc2NyaXB0aW9uIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48bWV0YSBkYXRhLW4taGVhZD0ic3NyIiBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iR2V0IGEgZnVsbHkgY3VzdG9taXplZCB3ZWlnaHQgbG9zcyBvciBudXRyaXRpb24gcHJvZ3JhbSBmb3IgeW91ciBoZWFsdGggYW5kIHdlbGxuZXNzIGdvYWxzLiBDcmVhdGVkIGJ5IE51dHJpdGlvbmlzdCB0byB0aGUgU3RhcnMsIERyLiBQaGlsaXAgR29nbGlhLiBUYWtlIHRoZSBRdWl6IE5vdyEiPjxoMSBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEiPk51dHJpdGlvbiBKdXN0PGJyIGNsYXNzPSJub21vYmlsZSI-CiAgICAgICAgICAgIEZvciA8c3BhbiBjbGFzcz0iZ3Atc2VjdGlvbi0xX19yb3dfaDEtYmx1ZSB0eXBld3JpdGUiPjxzcGFuIGNsYXNzPSJ0ZXh0LXNlbGVjdCI-WW91PHNwYW4gY2xhc3M9InRleHQtY3Vyc29yIj48L3NwYW4-PC9zcGFuPjwvc3Bhbj48L2gxPg&n3pc=true
access-control-allow-origin: https://g-plans.com
request-time: 0
access-control-allow-credentials: true
trace-id: cb4f712355d0192d
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame 7390 50 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 14:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 21 Mar 2023 14:21:43 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 885A 0
182 B 108ms
33ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=65aggbs&ref=https%3A%2F%2Fg-plans.com%2F&upid=2eko8m2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g-plans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 21 Mar 2023 05:05:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7390 28 B
54 B 32ms
27ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time: 1679375115899
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XXI7lhrSYvo
X-YouTube-Client-Version: 1.20230314.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtKU3RjeDhqNzdOMCiI9uSgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679375113035&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 21 Mar 2023 05:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 21 Mar 2023 05:05:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: formcred.com
URL: https://formcred.com/js/1.js

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.g-plans.com/	1970-01-20 11:12:47	Name: us_privacy Value: 1---
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lsI5xNUKI04
.youtube.com/	1970-01-20 14:48:47	Name: VISITOR_INFO1_LIVE Value: JStcx8j77N0
.g-plans.com/	1970-01-20 12:39:11	Name: _gcl_au Value: 1.1.1902531422.1679375113
.g-plans.com/	1970-01-20 12:39:11	Name: _rdt_uuid Value: 1679375113345.1bb45dcd-daa6-49ac-ae10-68005cc22f23
.g-plans.com/	1970-01-20 20:05:35	Name: _ga_LL1EG3X32V Value: GS1.1.1679375113.1.0.1679375113.60.0.0
.g-plans.com/	1970-01-20 20:05:35	Name: _ga Value: GA1.1.357485631.1679375113
.doubleclick.net/	1970-01-20 10:29:36	Name: test_cookie Value: CheckForPermission
.yahoo.com/	1970-01-20 19:15:32	Name: A3 Value: d=AQABBAk7GWQCENvQDRqk3Em28-5c7FkqeNUFEgEBAQGMGmQjZAAAAAAA_eMAAA&S=AQAAAoEV-z9jzdG3xLckRYsWl50
.twitter.com/	1970-01-20 20:05:35	Name: personalization_id Value: "v1_Z/zM78CzTqWWt5SRJbmkIw=="
.t.co/	1970-01-20 20:05:35	Name: muc_ads Value: 84de45dd-2f7b-4ba5-a42d-c994c1af7e94
.g-plans.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .g-plans.com
.g-plans.com/	1970-01-20 20:05:35	Name: _lc2_fpi Value: 4683703cbddb--01gw18x7kem0rkrpsz14dpqv98
.liadm.com/	1970-01-20 20:05:35	Name: lidid Value: 3bdcd0e2-ec81-434e-a837-6e8b831ac68a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://formcred.com/js/1.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://script.crazyegg.com/pages/scripts/0020/6036.js Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.dstillery.com
action.media6degrees.com
alb.reddit.com
analytics.twitter.com
b-code.liadm.com
cdnjs.cloudflare.com
fonts.gstatic.com
formcred.com
g-plans.com
googleads.g.doubleclick.net
insight.adsrvr.org
jnn-pa.googleapis.com
js.adsrvr.org
location.truevaultcdn.com
polaris.truevaultcdn.com
region1.analytics.google.com
rp.liadm.com
s.yimg.com
script.crazyegg.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.youtube.com
formcred.com
104.244.42.131
104.244.42.197
146.75.120.157
151.101.129.140
18.64.144.178
18.66.122.47
2001:4860:4802:32::36
212.82.100.181
2600:9000:223c:3800:8:8845:1500:93a1
2606:4700::6811:190e
2606:4700::6812:16ea
2606:4700::6813:9408
2a00:1288:80:807::2
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a04:4e42:200::396
34.68.56.245
35.172.81.43
35.71.131.137
65.9.66.46
00c4a3265adc4542a6dac7be2c3b1bbecf57bb514f89db55e60deefb1f11fa00
01cdc8db95d86d35a3cda35ab6d4ac090f14ffa3a58517332b56601f78c2224b
065200f969c07d32580f9f48fa4971e3d5505b0e2234161adb24c175867384fe
0786c93417ede2a0a5d482288da45887ce070d846d7c1e5f7c882a3268f17c85
09e8fe9b3d3d0646036bd78a4831bf993bb9e26e7dd5a6d6ac8fac2c529c8666
0be08c1c9e74e2a1d65dced80f2dbc6e59ca5a77b4411e9374d593a8ebdfa2db
0e42c2b6f44b40ade539a9acccd78267d9cb1741c80d8a3f44aae98f78ddfad7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1d48a6d593d7b48e16c2f70f8c72f8ac344042e294d30d5138c71e5bd9305a17
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
263de36bf1ac1f999aa4634e7c4bc66bdebc76e95938cfedcfbcfdc590af5bcc
27cd6ec03c98ca3e17204606299039baaf300f35d0f35c67f2a81454a88334ce
292e04b444a6eb2f7a8b324e73ebc212f5580bae66265c269a4ad35703d21966
2eecc9eebdf3ba46e39175f411575c86dd0b2a1b81ffbae6a880306e8d22c4ab
2f3bf408c888689b93072127b9851a6f64ac57c2dd4fb72ac9e09395777f9893
32a592d3016ebf5ddb93769802d941e105087d8ca3f8eb471101540ef791dc62
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3cf19f45e51ec669414c94914c4970b27bddf6c83150013e7e521d1e07d1eac9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40ff417ac4fd97de45b6ca2a731421750abf857923bb589ac5e92cd4f50d64d9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a01db98ae177a32788519ba5dc32b56c498c5fc3c38280f01c0814be7f52916
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4aae9b8c8135ef067d24601a3aa5bfb137265e4c4ff9fde87d88570dea41b3a4
4c13c649bdc8df3758fb09ebb7b503d800cad2e2015ef61f0d1b2992297ca537
4e8082a937c17e5571179ba6c0261347d57a0ddb0fbbbe900ab2d87b37d40865
54f830a89fd1108a086fda16e48653eb63ba6aaeffd7b216adacd71f06b6da72
58659283571bafc77685ded0e7a27c5c79433bffca71645839693e8e520c6a16
591140079354731f3faa47abf9a0363b313357b1d56eca39b06b84ac15782316
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5acfb319cfbd1ac052aafa3bd4d256c9803f9e68d306047e75fe0702496a33
5c10b8c9ce6fdbc2e4a5550ea8bd33a7b077752cfe1db3cf33837950fc92a5d1
620ee4ae0aa2308a46f78872f526d8b15627bc0d4b9ff13d083849aefd6d306b
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
6afe1b1c340c8902bb80e674469bc6b349fdd9613fcdd39f33bf482e11610c3a
6b624474cafaf891480d3b946b92e5e5181a58b85a452f86458fd7985b273a66
6b9297766f131616c25afe958dfdfe9372e6ad44875b9efec991dca2a11f2060
6cacc924faa11849352a99bb7ea954fb2e351cd662afea642f0453d780025c63
6d6335515725103259da9d89189f6ef7c7e2c21d8925b2b705952e3190aeeb0f
6e17d4a91bad7895c76e772bed9ea2c76002227e3938806c7711f53f9f4ca408
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
79f2f25e50fa8e5c882c3b1ff327192023204f293b1e56a8b03f3640972c8192
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09
945d231c359a6f4ea24383aca71af1159d880378e1c801dd5bb270fd2265e2f6
9943c1f5b908ac58b0ebae7386d6b6327f7d00d297f44fbd24838e72fe6cb859
9ac15a9d119867551af89966e5b40a33b5b68732947422627587a9147eebb133
aa01d97e5641e428fc4285f8f93fe3f9fce63b7f1824fe9fc4e88291791ece70
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae6676d7a1411c78153487dc6aa8623895dbc7934c3df82a147d1ba76bac9dff
b918963194e68b3e75a0897faec0192fcb34b90f92cb488bcfdc7fedbc5f6742
bb8a20a114ff1e1ae667fb805c855421d20d1222ed18b3065f18a385687989f3
bd13cc4af3616365032d28db25b9c449a1c3abbd04653d20aa0e6765c47b1d41
c3c1a5a1892419d01a66e922aca5c4f754a7493fa201dcae3ff4a2414a8fb0d7
cd6fe8e7ae1c62891cb5eddccffd0e4fe658520f3c086c32d6c2efbd3c1e47af
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d335be690bac4f54f699eceb3c89ef0e15c9693739fd0b5fe2046c53b7136835
d5127e52e6b42784d26f17b34e58e35634172c7ee21c35dc80972dd24759288c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db45eda8d12a49751514658c6286aa9ac4465d0d9a48aea2cdcb214cbf93a647
df797afe003ee030a887dc7c73eb85ab547fa79084b416eb55fe3363805f2e22
df96a4bb6577c31c073c48eaa2906085b02d5f55a71880ceba7ccdf414fc03c1
dfa5296ebb7da606e1987f169353abf13163d85f4a67253baf9e280c84c73ce8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e40bd20a3afab8aeeb0c2607c44c4d555a9b4992e3e742c8f4a79a690a3a74
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f6e1ebdefd612b821bbf264792aafa460c4acce4aa4950377658bbefae6f5080

g-plans.com Open in urlscan Pro 34.68.56.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

95 %HTTPS

62 %IPv6

24 Domains

31 Subdomains

30 IPs

5 Countries

8237 kBTransfer

11860 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

g-plans.com Open in urlscan Pro
34.68.56.245 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

95 %
HTTPS

62 %
IPv6

24
Domains

31
Subdomains

30
IPs

5
Countries

8237 kB
Transfer

11860 kB
Size

14
Cookies

84 HTTP transactions
2 data transactions