secure06v-userchase.x24hr.com Open in urlscan Pro
147.182.162.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure06v-userchase.x24hr.com/privacy-policy
Effective URL:
https://secure06v-userchase.x24hr.com/privacy-policy
Submission: On June 21 via api (June 21st 2024, 1:37:53 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 18 domains to perform 51 HTTP transactions. The main IP is 147.182.162.240, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is secure06v-userchase.x24hr.com.
TLS certificate: Issued by R3 on June 5th 2024. Valid for: 3 months.

This is the only time secure06v-userchase.x24hr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	147.182.162.240 147.182.162.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	44.216.178.53 44.216.178.53	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.23.178 13.32.23.178	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:275... 2600:9000:275d:e00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	64.74.236.255 64.74.236.255	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	143.204.205.59 143.204.205.59	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b120:4e3a:eab5:4121:f8cd	14618 (AMAZON-AES) (AMAZON-AES)
1	35.171.216.113 35.171.216.113	14618 (AMAZON-AES) (AMAZON-AES)
1	134.209.162.206 134.209.162.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
51	25

4 147.182.162.240 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: jointhealthactivator.com

secure06v-userchase.x24hr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.216.178.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-178-53.compute-1.amazonaws.com

secure.revitalizejoints.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-178.fra56.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:e00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.102 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

14623190.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12763245.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
14029931.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.255 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.205.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-59.fra53.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:4e3a:eab5:4121:f8cd (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.216.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-216-113.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.162.206 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

service3.purehealthresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 14623190.fls.doubleclick.net — Cisco Umbrella Rank: 866504 ad.doubleclick.net — Cisco Umbrella Rank: 164 12763245.fls.doubleclick.net — Cisco Umbrella Rank: 706383 14029931.fls.doubleclick.net — Cisco Umbrella Rank: 621537 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	3 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	673 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 c.clarity.ms — Cisco Umbrella Rank: 1434 w.clarity.ms — Cisco Umbrella Rank: 7852	28 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3581 tr.outbrain.com — Cisco Umbrella Rank: 3429 wave.outbrain.com — Cisco Umbrella Rank: 3472	10 KB
4	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	21 KB
4	x24hr.com secure06v-userchase.x24hr.com	25 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4229 rp.liadm.com — Cisco Umbrella Rank: 1242 rp4.liadm.com — Cisco Umbrella Rank: 5750	37 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3735 gum.criteo.com — Cisco Umbrella Rank: 493	21 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125	460 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	81 KB
2	revitalizejoints.com secure.revitalizejoints.com	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 224	763 B
1	purehealthresearch.com service3.purehealthresearch.com — Cisco Umbrella Rank: 372566
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
51	18

	Domain	Requested by
8	www.googletagmanager.com	secure06v-userchase.x24hr.com www.googletagmanager.com
4	secure06v-userchase.x24hr.com	secure06v-userchase.x24hr.com
3	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
3	ad.doubleclick.net	secure06v-userchase.x24hr.com
3	fonts.gstatic.com	fonts.googleapis.com
2	w.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.facebook.com	secure06v-userchase.x24hr.com
2	14029931.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	12763245.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	tr.outbrain.com	amplify.outbrain.com
2	14623190.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.clarity.ms	secure06v-userchase.x24hr.com www.clarity.ms
2	amplify.outbrain.com	secure06v-userchase.x24hr.com amplify.outbrain.com
2	connect.facebook.net	secure06v-userchase.x24hr.com connect.facebook.net
2	secure.revitalizejoints.com	secure06v-userchase.x24hr.com secure.revitalizejoints.com
1	c.bing.com	1 redirects
1	service3.purehealthresearch.com	secure06v-userchase.x24hr.com
1	rp4.liadm.com	secure06v-userchase.x24hr.com
1	rp.liadm.com	1 redirects
1	gum.criteo.com	dynamic.criteo.com
1	www.google.de	secure06v-userchase.x24hr.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com	secure06v-userchase.x24hr.com
1	region1.analytics.google.com	1 redirects
1	wave.outbrain.com	amplify.outbrain.com
1	b-code.liadm.com	www.googletagmanager.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	secure06v-userchase.x24hr.com
1	www.google.com	1 redirects
1	fonts.googleapis.com	secure06v-userchase.x24hr.com
51	32

This site contains links to these domains. Also see Links.

Domain
www.nationhealthmd.com

Subject Issuer	Validity	Valid
jointhealthactivator.com R3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
secure.revitalizejoints.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-03` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-30` - `2024-06-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
service3.purehealthresearch.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 5 frames:

Primary Page: https://secure06v-userchase.x24hr.com/privacy-policy
Frame ID: 1333371B44488C2BBA3A7DC4FDBA7D5A
Requests: 46 HTTP requests in this frame

Frame: https://14623190.fls.doubleclick.net/activityi;dc_pre=CMKXwczo7IYDFePHwgQdIsYDCA;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy
Frame ID: 401693CFC0409909AFDBF36FA138ECF0
Requests: 1 HTTP requests in this frame

Frame: https://12763245.fls.doubleclick.net/activityi;dc_pre=CMikw8zo7IYDFU7EwgQdXzsIZA;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy
Frame ID: 7008836F2620B02455934AC8AECF7249
Requests: 1 HTTP requests in this frame

Frame: https://14029931.fls.doubleclick.net/activityi;dc_pre=CPaixMzo7IYDFX_IwgQdKDYIXA;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186768219z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy
Frame ID: EFA7B9B1C0AA9FA5C99573778C92AB10
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure06v-userchase.x24hr.com&origin=onetag
Frame ID: B56357CE05C97979A85D8DEAE76FB644
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joint Complex

Page URL History Show full URLs

http://secure06v-userchase.x24hr.com/privacy-policy HTTP 307
https://secure06v-userchase.x24hr.com/privacy-policy Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

51
Requests

84 %
HTTPS

57 %
IPv6

18
Domains

32
Subdomains

25
IPs

5
Countries

950 kB
Transfer

2753 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nationhealthmd.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure06v-userchase.x24hr.com/privacy-policy HTTP 307
https://secure06v-userchase.x24hr.com/privacy-policy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1007928576.1718977069&url=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81P6VCWSGv9132898246za200&auid=1910817890.1718977069 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1007928576.1718977069&url=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81P6VCWSGv9132898246za200&auid=1910817890.1718977069

Request Chain 22

https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy HTTP 302
https://14623190.fls.doubleclick.net/activityi;dc_pre=CMKXwczo7IYDFePHwgQdIsYDCA;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy

Request Chain 28

https://12763245.fls.doubleclick.net/activityi;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy HTTP 302
https://12763245.fls.doubleclick.net/activityi;dc_pre=CMikw8zo7IYDFU7EwgQdXzsIZA;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy

Request Chain 30

https://14029931.fls.doubleclick.net/activityi;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186768219z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy HTTP 302
https://14029931.fls.doubleclick.net/activityi;dc_pre=CPaixMzo7IYDFX_IwgQdKDYIXA;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186768219z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy

Request Chain 32

https://region1.analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je46j0v9171594360z89132898246za200zb9132898246&_p=1718977068257&_gaz=1&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=1979775179.1718977069&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718977068&sct=1&seg=0&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dt=Joint%20Complex&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=910&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1979775179.1718977069&dbk=10341174210322173949&dma=1&dma_cps=sypham&en=page_view&gcs=G111&gtm=45je46j0v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com%3F

Request Chain 39

https://rp.liadm.com/j?dtstmp=1718977068907&aid=b-00mi&se=e30&duid=fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p&tv=v2.14.3&pu=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&wpn=lc-bundle&cd=.x24hr.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1718977068907&aid=b-00mi&se=e30&duid=fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p&tv=v2.14.3&pu=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&wpn=lc-bundle&cd=.x24hr.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjhkZmU6YWExZDo0YTAy&n3pc=true

Request Chain 45

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=215862759DDC4678BE16B877C1B283E3&RedC=c.clarity.ms&MXFR=0427C59B324F65351CD2D13E364F6B4B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=215862759DDC4678BE16B877C1B283E3&MUID=387D06E162B5684401E41244633E6933

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request privacy-policy Show response
secure06v-userchase.x24hr.com/
Redirect Chain

http://secure06v-userchase.x24hr.com/privacy-policy
https://secure06v-userchase.x24hr.com/privacy-policy

51 KB
16 KB

426ms
207ms

Document
text/html

147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: bc62bb0cf8e624c4f80c58efbb62cec45ff146d5bc8facd5c12d1e009cd52380

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jun 2024 13:37:48 GMT
ETag: W/"caaf-PceRAMEzE7FJp97c8YSGooZk1jI"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Location: https://secure06v-userchase.x24hr.com/privacy-policy
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
2 KB 81ms
30ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f299dc05168892710f9bdc0b79bdd8cff69490fce1379883b53fbe69dd610b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 13:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H/1.1 200
OK frame.svg
secure06v-userchase.x24hr.com/ 46 B
401 B 107ms
107ms Image
image/svg+xml 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure06v-userchase.x24hr.com/frame.svg
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 8d9b4b794affc5daf4eafa12e0c6294ab31aaeed330886145676bd6b832e8b98

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/privacy-policy
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"2e-18fec5f3cdd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.revitalizejoints.com/cgi-bin/ 2 KB
1 KB 418ms
134ms Script
text/javascript 44.216.178.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.178.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-178-53.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0e9a75e38a031b9b09c05c8d122817256fac59698e92fce19dd1816c04a27ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 855

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 352 KB
110 KB 103ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6327dcc47361032360100d58de5b3046e3300a592c901b3677a8e479f77099f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111956
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 68ms
22ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 13:37:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1328, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xwiqDB6p4a983ijdYKQhxV/le1s2NkD/F9M0d9qNZqtjSTx1593XpQ0tIqNeioWcOqbvVVAiD9JbByL4atwtmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 79ms
28ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secure06v-userchase.x24hr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options: nosniff
age: 255269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:43:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secure06v-userchase.x24hr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:50:02 GMT
x-content-type-options: nosniff
age: 254866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:50:02 GMT

GET
H2 200 1564727430697990 Show response
connect.facebook.net/signals/config/ 110 KB
22 KB 176ms
176ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1564727430697990?v=2.9.158&r=stable&domain=secure06v-userchase.x24hr.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbd723093c384f3b80dd2349805f41766ad1b5d5298bd092f31eb38c310d2289

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jun 2024 13:37:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=63, mss=1328, tbw=63548, tp=-1, tpl=-1, uplat=152, ullat=0
pragma: public
x-fb-debug: jRf5oHKn0eT8zBCnM5e0EH7TP+EeNe6OQoGY2vKT4HiJ5KV6M6TkSmce7E24RexZFXdK/w4b5gtXxo0K4MkRwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK nation-health-md-logo.svg
secure06v-userchase.x24hr.com/svg/ 16 KB
7 KB 115ms
115ms Image
image/svg+xml 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure06v-userchase.x24hr.com/svg/nation-health-md-logo.svg
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: f5bc25535151a9ce42e41aeba2d297a984f1b0d8352cbc769803439405f6744b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/privacy-policy
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"4016-18fec5f3cf1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1007928576.1718977069&url=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dma_cps=sypham&dma=1&npa=0&gtm=45H...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1007928576.1718977069&url=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dma_cps=sypham&dma=1&...

42 B
65 B

113ms
65ms

Ping
image/gif

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1007928576.1718977069&url=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81P6VCWSGv9132898246za200&auid=1910817890.1718977069

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5&tag_exp=0&rnd=1007928576.1718977069&url=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&dma_cps=sypham&dma=1&npa=0&gtm=45He46j0n81P6VCWSGv9132898246za200&auid=1910817890.1718977069
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
105 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d868a00e9bbb9ef988760e5ea4b761945e0c6f17eda813df43176c62f6658fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12763245&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23a6e64705c3568119365f704bf856b228f8f98a38047827a267b1f60a689fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78113
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14029931&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10e08a9e416dbfbaa3ccc09fe06bd0df8fd0061761103c07fdef21adca4e2d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78062
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

590582f1fd3b819e5d541c01a53c9c570048d1722b2fdc4cc1164177e22aee20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78105
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 48 KB
21 KB 148ms
70ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=108887

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

23c74f06dd5fb3d3c2f743c0908840a78da0c0869566daa3c82676a7449dd590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 86ms
25ms Script
application/x-javascript 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2024 07:06:19 GMT
Server: AkamaiNetStorage
ETag: "f0a2b8e957b7536ea57179b045ad847a:1718955959.776503"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8611
Expires: Fri, 21 Jun 2024 13:57:48 GMT

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 105 KB
20 KB 93ms
24ms Script
application/x-javascript 13.32.23.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.reviatlizejoints.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-178.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02660f9cd38ea499474d8ead6fd8657654ecea09aab69ebb18a33da225532b59

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 20:33:41 GMT
content-encoding: gzip
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 493448
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20267
last-modified: Fri, 07 Jun 2024 12:33:01 GMT
server: AmazonS3
etag: "44e5d70201f94ea2f3efea5821f4c161"
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: VwG6acoMy4EDl6bA8LQS4zJSDEhnCJJOiHxX5AFQwICoUXKOyVPF3w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12763245

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e0222fe4985d02411ce82799570064de0878384d5f6dc3a5fa30df8ec156a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78083
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 b-00mi.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 79ms
25ms Script
application/javascript 2600:9000:275d:e00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/b-00mi.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:e00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d8cbf349e8e76614dd043c59192eaab504f896ef4ac614d5a83a00d3d2bc8ac5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 10:26:10 GMT
content-encoding: gzip
via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 11498
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: pkYPXRHDbpnRifBbO3lVGF7_XIbqeChlp4mPisRnZBCD_snximpJ0A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14029931

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd69177931013331db1d62343abbb7acd267ad42d21f51fc973624f787e0857c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78095
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2 200 lk2hxquxhr Show response
www.clarity.ms/tag/ 637 B
1002 B 1010ms
935ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/lk2hxquxhr?ref=gtm2
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 18162d1eb62d8df52d9c9bda5b710313ac1f51aa5a4819a58b7cfcaf8d6329f1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 21 Jun 2024 13:37:49 GMT
x-azure-ref: 20240621T133748Z-15f57b858d44wsghwfngkpdrv00000000bng000000004wm0
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 88ms
87ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14623190

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6VCWSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b23bb90e3eb70a78365a60083d5f84e8c21c746ce763e3c7ce52daedfa6d0605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78074
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jun 2024 13:37:48 GMT

GET
H2

200

activityi;dc_pre=CMKXwczo7IYDFePHwgQdIsYDCA;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand...
14623190.fls.doubleclick.net/ Frame 4016
Redirect Chain

https://14623190.fls.doubleclick.net/activityi;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Br...
https://14623190.fls.doubleclick.net/activityi;dc_pre=CMKXwczo7IYDFePHwgQdIsYDCA;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027...

0
0

191ms
190ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14623190.fls.doubleclick.net/activityi;dc_pre=CMKXwczo7IYDFePHwgQdIsYDCA;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14623190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 696
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:48 GMT
expires: Fri, 21 Jun 2024 13:37:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14623190.fls.doubleclick.net/activityi;dc_pre=CMKXwczo7IYDFePHwgQdIsYDCA;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7C...
ad.doubleclick.net/ 0
24 B 212ms
180ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14623190;type=invmedia;cat=jc_al0;ord=1;num=3250482911972;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=694789027;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186162005z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"14794490090717277008"}],"aggregatable_trigger_data":[{"filters":[{"14":["102347144"]}],"key_piece":"0x6fff8fa294c2dcae","source_keys":["12","13","14","15","16","17","18","19","20","21","15706748","15706749","15706750","15706751","15712840","15712841","15712842","15712843"]},{"key_piece":"0xf4bbcd6f20915723","not_filters":{"14":["102347144"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15706748","15706749","15706750","15706751","15712840","15712841","15712842","15712843"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15706748":655,"15706749":655,"15706750":655,"15706751":63569,"15712840":327,"15712841":327,"15712842":327,"15712843":31784,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"11842254780441294241","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"14794490090717277008","filters":[{"14":["102347144"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"14794490090717277008","filters":[{"14":["102347144"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"14794490090717277008","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"14794490090717277008","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14623190"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
529 B 493ms
122ms Ping
image/gif 64.74.236.255
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0999697921930377&referrer=&cht=gtm&marketerId=003a426391e24cb97c764e3405bdf58fc2&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.255 , United States, ASN19024 (INTERNAP-BLK5, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:49 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, POST
Content-Type: image/gif;
Access-Control-Allow-Origin: https://secure06v-userchase.x24hr.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TraceId: 729c99cefc28e0623796e49ee6fc2f7a
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 54

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 498ms
130ms Script
application/javascript 64.74.236.255
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=003a426391e24cb97c764e3405bdf58fc2

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.74.236.255 , United States, ASN19024 (INTERNAP-BLK5, US),

Reverse DNS

chi.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:49 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 3b349cc929cc572176043bfe5a29ee37
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 003a426391e24cb97c764e3405bdf58fc2 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 83ms
31ms Script
text/html 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/003a426391e24cb97c764e3405bdf58fc2

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-165-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Fri, 21 Jun 2024 13:37:48 GMT
ob-sent-time: 1718927689349
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: a75945c8fae27c0f23cb375a06b2b442
Content-Length: 22
Expires: Fri, 21 Jun 2024 13:38:48 GMT

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 69ms
21ms Fetch
text/html 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:48 GMT
Observe-Browsing-Topics: ?1
Content-Type: text/html
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Content-Length: 26
Expires: Fri, 21 Jun 2024 13:57:48 GMT

GET
H2

200

activityi;dc_pre=CMikw8zo7IYDFU7EwgQdXzsIZA;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Bran...
12763245.fls.doubleclick.net/ Frame 7008
Redirect Chain

https://12763245.fls.doubleclick.net/activityi;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)B...
https://12763245.fls.doubleclick.net/activityi;dc_pre=CMikw8zo7IYDFU7EwgQdXzsIZA;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=156676540...

0
0

184ms
183ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12763245.fls.doubleclick.net/activityi;dc_pre=CMikw8zo7IYDFU7EwgQdXzsIZA;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12763245&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 695
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:49 GMT
expires: Fri, 21 Jun 2024 13:37:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12763245.fls.doubleclick.net/activityi;dc_pre=CMikw8zo7IYDFU7EwgQdXzsIZA;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7...
ad.doubleclick.net/ 0
24 B 186ms
186ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12763245;type=invmedia;cat=jc_al0;ord=1;num=4228797661715;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=1566765404;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186757664z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11686765988706198068"}],"aggregatable_trigger_data":[{"filters":[{"14":["19584294"]}],"key_piece":"0x30cee81f6de76e35","source_keys":["12","13","14","15","16","17","18","19","20","21","628553064","628553065","628553066","628553067","628697428","628697429","628697430","628697431","634797148","634797149","634797150","634797151","634878432","634878433","634878434","634878435"]},{"key_piece":"0x277f7e0b67dfa52b","not_filters":{"14":["19584294"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628553064","628553065","628553066","628553067","628697428","628697429","628697430","628697431","634797148","634797149","634797150","634797151","634878432","634878433","634878434","634878435"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628553064":40,"628553065":40,"628553066":40,"628553067":3973,"628697428":38,"628697429":38,"628697430":38,"628697431":3739,"634797148":32,"634797149":32,"634797150":32,"634797151":3177,"634878432":32,"634878433":32,"634878434":32,"634878435":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"18261384017746117788","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11686765988706198068","filters":[{"14":["19584294"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11686765988706198068","filters":[{"14":["19584294"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11686765988706198068","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11686765988706198068","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12763245"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CPaixMzo7IYDFX_IwgQdKDYIXA;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand...
14029931.fls.doubleclick.net/ Frame EFA7
Redirect Chain

https://14029931.fls.doubleclick.net/activityi;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Br...
https://14029931.fls.doubleclick.net/activityi;dc_pre=CPaixMzo7IYDFX_IwgQdKDYIXA;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890...

0
0

191ms
191ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14029931.fls.doubleclick.net/activityi;dc_pre=CPaixMzo7IYDFX_IwgQdKDYIXA;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186768219z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14029931&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 697
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:49 GMT
expires: Fri, 21 Jun 2024 13:37:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14029931.fls.doubleclick.net/activityi;dc_pre=CPaixMzo7IYDFX_IwgQdKDYIXA;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186768219z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7C...
ad.doubleclick.net/ 0
24 B 341ms
340ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14029931;type=invmedia;cat=jc_al0;ord=1;num=1215446703898;npa=0;auiddc=1910817890.1718977069;ps=1;pcor=120451890;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9186768219z89132898246za201zb9132898246;gcs=G111;gcd=13v3v3v2v5;dma_cps=sypham;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy?

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"18010925029059229010"}],"aggregatable_trigger_data":[{"filters":[{"14":["73371877"]}],"key_piece":"0xb5e4e09d37713d9b","source_keys":["12","13","14","15","16","17","18","19","20","21","628532748","628532749","628532750","628532751","628755824","628755825","628755826","628755827","634785540","634785541","634785542","634785543","634911708","634911709","634911710","634911711"]},{"key_piece":"0x6fd73c1d88dda041","not_filters":{"14":["73371877"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628532748","628532749","628532750","628532751","628755824","628755825","628755826","628755827","634785540","634785541","634785542","634785543","634911708","634911709","634911710","634911711"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628532748":65,"628532749":65,"628532750":65,"628532751":6356,"628755824":81,"628755825":81,"628755826":81,"628755827":7946,"634785540":50,"634785541":50,"634785542":50,"634785543":4889,"634911708":54,"634911709":54,"634911710":54,"634911711":5297},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"14188439394238572094","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"18010925029059229010","filters":[{"14":["73371877"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"18010925029059229010","filters":[{"14":["73371877"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"18010925029059229010","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"18010925029059229010","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14029931"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-633CCXW5Y6&gtm=45je46j0v9171594360z89132898246za200zb9132898246&_p=1718977068257&_gaz=1&gcs=G111&gcd=13v3v3v2v5&npa=0&dma_cps=sypham&dma=1&t...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1979775179.1718977069&dbk=10341174210322173949&dma=1&dma_cps=sypham&en=page_view&gcs=G111&gtm=45je46j0v9171594360z8...

0
0

79ms
78ms

Fetch
text/plain

2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1979775179.1718977069&dbk=10341174210322173949&dma=1&dma_cps=sypham&en=page_view&gcs=G111&gtm=45je46j0v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com%3F
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: H2
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:48 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:48 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1979775179.1718977069&dbk=10341174210322173949&dma=1&dma_cps=sypham&en=page_view&gcs=G111&gtm=45je46j0v9171594360z89132898246za200zb9132898246&npa=0&tid=G-633CCXW5Y6&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 88ms
30ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-633CCXW5Y6&cid=1979775179.1718977069&gtm=45je46j0v9171594360z89132898246za200zb9132898246&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13v3v3v2v5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-633CCXW5Y6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure06v-userchase.x24hr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 83ms
52ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-633CCXW5Y6&cid=1979775179.1718977069&gtm=45je46j0v9171594360z89132898246za200zb9132898246&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13v3v3v2v5&npa=0&frm=0&z=692850983

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 64ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com&rl=&if=false&ts=1718977068756&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718977068753.793536359757963937&pm=1&hrl=0249f0&ler=empty&cdl=API_unavailable&it=1718977068456&coo=false&cs_cc=1&cas=7380041312118141%2C26332012029719400%2C25244837875161197%2C25587148440930691%2C7537928146268527%2C7569768856423732%2C7811743605505317%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C6962207387217245%2C25483935424583699%2C7553474568045692%2C7421018521278531%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C6275549069200359%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C7383774944992711%2C8770218846327864&rqm=GET

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jun 2024 13:37:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 196ms
153ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1564727430697990&ev=PageView&dl=https%3A%2F%2Fsecure06v-userchase.x24hr.com&rl=&if=false&ts=1718977068756&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718977068753.793536359757963937&pm=1&hrl=0249f0&ler=empty&cdl=API_unavailable&it=1718977068456&coo=false&cs_cc=1&cas=7380041312118141%2C26332012029719400%2C25244837875161197%2C25587148440930691%2C7537928146268527%2C7569768856423732%2C7811743605505317%2C6956987794406958%2C7643965295683699%2C7016066221832938%2C7034340400026828%2C7499405630081412%2C7849319038452565%2C7531362440252487%2C25098821783099281%2C6719320041512443%2C7102936886501940%2C8276521995696166%2C6962207387217245%2C25483935424583699%2C7553474568045692%2C7421018521278531%2C7458278260953465%2C7341818752581711%2C7638175802899297%2C6915087971930441%2C6641473062599882%2C6275549069200359%2C7491519880884208%2C6070152103082584%2C6229531447108410%2C7346808755354401%2C7383774944992711%2C8770218846327864&rqm=FGET

Requested by

Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7149f4243c1810ba","source_keys":["1","2"]},{"key_piece":"0x433d39a3fb3f2fdf","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 21 Jun 2024 13:37:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382950290824553127", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=3094, tp=-1, tpl=-1, uplat=131, ullat=0
pragma: no-cache
x-fb-debug: fUelYGmXbCrTV46NRXxIXFnQ38TfC4hfkxsJBiuWUw/hVJftTu9BieTZosKbbG02/YbBjznIKzo11lX/jkQv3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382950290824553127"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 29 B
370 B 406ms
348ms XHR
text/plain 143.204.205.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.reviatlizejoints.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.reviatlizejoints.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-59.fra53.r.cloudfront.net
Software: /
Resource Hash: bd8e9ecccfc7bb892bc63c217190dd253bf59bb6b4bf3233871c82639812ec68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:49 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 29
apigw-requestid: ZuFHFgEsIAMEVyg=
x-amz-cf-id: 1NjHapr2x28-e6k0bZKJ0cdAZ-wv_DRVN-CcTu2fKjR9iVOP01lzsA==

GET
H2 200 syncframe
gum.criteo.com/ Frame B563 0
0 137ms
46ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure06v-userchase.x24hr.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=108887

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jun 2024 13:37:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 395329
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1718977068907&aid=b-00mi&se=e30&duid=fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p&tv=v2.14.3&pu=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&wpn=lc-bundle&...
https://rp4.liadm.com/j?dtstmp=1718977068907&aid=b-00mi&se=e30&duid=fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p&tv=v2.14.3&pu=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&wpn=lc-bundle...

13 B
348 B

358ms
116ms

XHR
application/json

35.171.216.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1718977068907&aid=b-00mi&se=e30&duid=fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p&tv=v2.14.3&pu=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&wpn=lc-bundle&cd=.x24hr.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjhkZmU6YWExZDo0YTAy&n3pc=true
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: H2
Server: 35.171.216.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-216-113.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 21 Jun 2024 13:37:49 GMT
x-pixel-event-id: 48bc8b6c-5ed8-44c0-a50d-8292b9faaef1
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1718977068907&aid=b-00mi&se=e30&duid=fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p&tv=v2.14.3&pu=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy&wpn=lc-bundle&cd=.x24hr.com&c=PHRpdGxlPkpvaW50IENvbXBsZXg8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSIiPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjhkZmU6YWExZDo0YTAy&n3pc=true
access-control-allow-origin: https://secure06v-userchase.x24hr.com
date: Fri, 21 Jun 2024 13:37:49 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 UCAffiliateNetworkPixel
secure.revitalizejoints.com/cgi-bin/ 0
380 B 129ms
129ms Stylesheet
text/plain 44.216.178.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel?t=0.09823808685238777&r=&u=https%3A%2F%2Fsecure06v-userchase.x24hr.com%2Fprivacy-policy
Requested by: Host: secure.revitalizejoints.com
URL: https://secure.revitalizejoints.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.178.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-178-53.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:48 GMT
content-length: 0
server: Apache

POST
H2 200 rt Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 514 B
885 B 319ms
319ms XHR
text/xml 143.204.205.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.reviatlizejoints.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-59.fra53.r.cloudfront.net
Software: /
Resource Hash: c4f4c87ab51c9d0f4ba72aa77118a91f10c669a8bf765e95758e405283c73faf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 21 Jun 2024 13:37:49 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 0a224583-1f00-51bb-a0d9-1b6c9b6d5145
x-cache: Miss from cloudfront
content-type: text/xml
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 514
apigw-requestid: ZuFHJidZoAMEbGw=
x-amz-cf-id: DkuQtm6snPkm9Iw0jHp9ACx-Hj6uPZ0iDslX8WgGIJCtxC1AzgxoTQ==

OPTIONS
H2 204 rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 0
0 21ms
20ms Preflight 143.204.205.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-59.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure06v-userchase.x24hr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
age: 32126
alt-svc: h3=":443"; ma=86400
apigw-requestid: Zs2riim6oAMES2g=
date: Fri, 21 Jun 2024 04:42:23 GMT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-id: IR2c7KbtBFu4VHZUavt13GVwvuWITb1_paGhi4j5AtxWsyLcryuruw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 43ms
42ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lk2hxquxhr?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 13:37:49 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240621T133749Z-15f57b858d44wsghwfngkpdrv00000000bng000000004wn9
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3b2d0378-601e-0050-1f7f-bdec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H/1.1 201
Created adnypeu
service3.purehealthresearch.com/ 0
0 322ms
103ms Fetch 134.209.162.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://service3.purehealthresearch.com/adnypeu
Requested by: Host: secure06v-userchase.x24hr.com
URL: https://secure06v-userchase.x24hr.com/privacy-policy
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 134.209.162.206 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Jun 2024 13:37:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: GET

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=215862759DDC4678BE16B877C1B283E3&RedC=c.clarity.ms&MXFR=0427C59B324F65351CD2D13E364F6B4B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=215862759DDC4678BE16B877C1B283E3&MUID=387D06E162B5684401E41244633E6933

42 B
442 B

47ms
46ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=215862759DDC4678BE16B877C1B283E3&MUID=387D06E162B5684401E41244633E6933
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://secure06v-userchase.x24hr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:49 GMT
last-modified: Wed, 19 Jun 2024 18:40:50 GMT
server: Microsoft-IIS/10.0
etag: "2c9f213578c2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 21 Jun 2024 13:37:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 194BE71503914E98AE979155A2FA114C Ref B: FRA31EDGE0510 Ref C: 2024-06-21T13:37:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=215862759DDC4678BE16B877C1B283E3&MUID=387D06E162B5684401E41244633E6933
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK favicon.png
secure06v-userchase.x24hr.com/img/ 2 KB
2 KB 107ms
106ms Other
image/png 147.182.162.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure06v-userchase.x24hr.com/img/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.182.162.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: jointhealthactivator.com
Software: nginx / Express
Resource Hash: 20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure06v-userchase.x24hr.com/privacy-policy
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 13:37:49 GMT
Last-Modified: Thu, 06 Jun 2024 07:06:55 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"788-18fec5f3cdd"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1928

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
293 B 517ms
265ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://secure06v-userchase.x24hr.com
Date: Fri, 21 Jun 2024 13:37:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://secure06v-userchase.x24hr.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:55:46 GMT
x-content-type-options: nosniff
age: 254523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:55:46 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
293 B 118ms
118ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://secure06v-userchase.x24hr.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://secure06v-userchase.x24hr.com
Date: Fri, 21 Jun 2024 13:37:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 07:05:37	Name: lidid Value: 18d4479b-c6c2-4214-aaad-2bb70b506b4e
.x24hr.com/	1970-01-20 23:39:13	Name: _gcl_au Value: 1.1.1910817890.1718977069
.x24hr.com/	1970-01-21 07:05:37	Name: _ga_633CCXW5Y6 Value: GS1.1.1718977068.1.0.1718977068.60.0.0
.x24hr.com/	1970-01-21 07:05:37	Name: _ga Value: GA1.1.1979775179.1718977069
.x24hr.com/	1970-01-20 23:39:13	Name: _fbp Value: fb.1.1718977068753.793536359757963937
.x24hr.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .x24hr.com
.x24hr.com/	1970-01-21 07:05:37	Name: _lc2_fpi Value: fd32224a6768--01j0xg8zqh6t4nd2n3ffm0my5p
.x24hr.com/	1970-01-21 07:05:37	Name: _lc2_fpi_meta Value: {%22w%22:1718977068785}
.doubleclick.net/	1970-01-20 22:12:49	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 06:51:13	Name: uid Value: 59fd9962-e198-4214-8df7-6abc4663a6e9
.criteo.com/	1970-01-21 06:51:13	Name: receive-cookie-deprecation Value: 1
secure.revitalizejoints.com/	1970-01-20 21:39:41	Name: AWSALBCORS Value: 4ywkiHkbqKBGjFuii1UZDNhdI1OOuvsl+XMYED4mA9MXaqGSQMhumjiDLmQBDYBR5luHtzI0pygxtf4lO2XGBFmRUpzTIwxK+TDVMCQuXmu0cZ0Gyoed62RQNxfa
.doubleclick.net/	1970-01-21 01:48:49	Name: receive-cookie-deprecation Value: 1
.x24hr.com/	1970-01-21 06:59:01	Name: cto_bundle Value: CytZ1F92T0VyTGtQSFRORSUyRlg1aiUyRlVsNm5aNVZXVXFWeUxvZyUyRjloZFRDNlRkTVMyJTJGV1lDaVBJbU15N3VXV253YUFGWUlYUG9nNVowVmNhMm82TkZTaGFlekdGU1dWWE9nJTJGUDNyZ2dtZHlyWDdndktKS2VsSUU1JTJCYmhGd2dJQ3J4TlRHWkZYQmFUSU5CN1FGUlRwc0xSMG9DZWclM0QlM0Q
secure06v-userchase.x24hr.com/	1970-01-20 21:29:37	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1718977069153%7D
.x24hr.com/	1970-01-21 06:15:13	Name: ucacid Value: 755112660.622197
.doubleclick.net/	1970-01-21 06:51:13	Name: IDE Value: AHWqTUmL1vaElWoaTp6_RETvcaY69jn9VmlMgZIDZiWtagp5Ph9E7kH3QtRmEWHUJts
.liadm.com/	1970-01-21 07:05:37	Name: lidid Value: 18d4479b-c6c2-4214-aaad-2bb70b506b4e
www.clarity.ms/	1970-01-21 06:15:13	Name: CLID Value: 07d6e64e874d426d87ff1c3d4b817e2c.20240621.20250621
.x24hr.com/	1970-01-21 06:15:13	Name: _clck Value: 15snpxa%7C2%7Cfmt%7C0%7C1633
.bing.com/	1970-01-21 06:51:13	Name: MUID Value: 387D06E162B5684401E41244633E6933
.c.bing.com/	1970-01-20 21:39:41	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:51:13	Name: SRM_B Value: 387D06E162B5684401E41244633E6933
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:51:13	Name: MUID Value: 387D06E162B5684401E41244633E6933
.c.clarity.ms/	1970-01-20 21:39:41	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:29:37	Name: ANONCHK Value: 0
.x24hr.com/	1970-01-20 21:31:03	Name: _clsk Value: rakr1o%7C1718977070207%7C1%7C1%7Cw.clarity.ms%2Fcollect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12763245.fls.doubleclick.net
14029931.fls.doubleclick.net
14623190.fls.doubleclick.net
ad.doubleclick.net
amplify.outbrain.com
b-code.liadm.com
c.bing.com
c.clarity.ms
connect.facebook.net
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dynamic.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
region1.analytics.google.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
secure.revitalizejoints.com
secure06v-userchase.x24hr.com
service3.purehealthresearch.com
stats.g.doubleclick.net
tr.outbrain.com
w.clarity.ms
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.23.178
134.209.162.206
142.250.185.70
143.204.205.59
147.182.162.240
172.217.18.102
2001:4860:4802:32::36
23.213.165.149
23.96.124.156
2600:1f18:730:b120:4e3a:eab5:4121:f8cd
2600:9000:275d:e00:8:8845:1500:93a1
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:800::2002
2a00:1450:4001:803::200a
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c1b::9b
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.171.216.113
44.216.178.53
64.74.236.255
68.219.88.97
02660f9cd38ea499474d8ead6fd8657654ecea09aab69ebb18a33da225532b59
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0e0222fe4985d02411ce82799570064de0878384d5f6dc3a5fa30df8ec156a4a
0e9a75e38a031b9b09c05c8d122817256fac59698e92fce19dd1816c04a27ef9
10e08a9e416dbfbaa3ccc09fe06bd0df8fd0061761103c07fdef21adca4e2d11
18162d1eb62d8df52d9c9bda5b710313ac1f51aa5a4819a58b7cfcaf8d6329f1
195b49c1fbbf280599238e690f8a3c7e31c8608385a6ae21e90b0798baced2ea
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20d1160d4baa8eb4c0ad192f9497de3a531a2a2d4357006ea7d5bb29f8b0d838
23a6e64705c3568119365f704bf856b228f8f98a38047827a267b1f60a689fea
23c74f06dd5fb3d3c2f743c0908840a78da0c0869566daa3c82676a7449dd590
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
590582f1fd3b819e5d541c01a53c9c570048d1722b2fdc4cc1164177e22aee20
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6327dcc47361032360100d58de5b3046e3300a592c901b3677a8e479f77099f1
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
8d9b4b794affc5daf4eafa12e0c6294ab31aaeed330886145676bd6b832e8b98
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b23bb90e3eb70a78365a60083d5f84e8c21c746ce763e3c7ce52daedfa6d0605
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
bc62bb0cf8e624c4f80c58efbb62cec45ff146d5bc8facd5c12d1e009cd52380
bd8e9ecccfc7bb892bc63c217190dd253bf59bb6b4bf3233871c82639812ec68
c4f4c87ab51c9d0f4ba72aa77118a91f10c669a8bf765e95758e405283c73faf
d868a00e9bbb9ef988760e5ea4b761945e0c6f17eda813df43176c62f6658fd6
d8cbf349e8e76614dd043c59192eaab504f896ef4ac614d5a83a00d3d2bc8ac5
dd69177931013331db1d62343abbb7acd267ad42d21f51fc973624f787e0857c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f299dc05168892710f9bdc0b79bdd8cff69490fce1379883b53fbe69dd610b35
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5bc25535151a9ce42e41aeba2d297a984f1b0d8352cbc769803439405f6744b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fbd723093c384f3b80dd2349805f41766ad1b5d5298bd092f31eb38c310d2289

secure06v-userchase.x24hr.com Open in urlscan Pro 147.182.162.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

84 %HTTPS

57 %IPv6

18 Domains

32 Subdomains

25 IPs

5 Countries

950 kBTransfer

2753 kBSize

28 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure06v-userchase.x24hr.com Open in urlscan Pro
147.182.162.240 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

84 %
HTTPS

57 %
IPv6

18
Domains

32
Subdomains

25
IPs

5
Countries

950 kB
Transfer

2753 kB
Size

28
Cookies

51 HTTP transactions
0 data transactions