healthybodynow.net Open in urlscan Pro
2606:4700:3108::ac42:2b28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://healthybodynowtoday.com/
Effective URL:
https://healthybodynow.net/
Submission Tags: phishingrod
Submission: On January 27 via api (January 27th 2024, 3:55:09 pm UTC) from DE — Scanned from DE

Summary HTTP 138 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b28, located in United States and belongs to CLOUDFLARENET, US. The main domain is healthybodynow.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.

This is the only time healthybodynow.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:44a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 36	2606:4700:310... 2606:4700:3108::ac42:2b28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6 7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5 23	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
138	15

1 2606:4700:3030::6815:44a4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

healthybodynowtoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:3108::ac42:2b28 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

healthybodynow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	775 KB
36	healthybodynow.net 1 redirects healthybodynow.net	3 MB
23	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	211 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
9	gstatic.com www.gstatic.com fonts.gstatic.com p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com	119 KB
7	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 2	1018 B
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	390 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	36 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	310 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	80 KB
1	healthybodynowtoday.com 1 redirects healthybodynowtoday.com	494 B
138	11

	Domain	Requested by
36	healthybodynow.net	1 redirects healthybodynow.net
34	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	healthybodynow.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	www.googleadservices.com	healthybodynow.net googleads.g.doubleclick.net
7	www.google.com	6 redirects tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
4	www.gstatic.com	healthybodynow.net googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	healthybodynow.net googleads.g.doubleclick.net
2	p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	healthybodynow.net
1	ajax.googleapis.com	healthybodynow.net
1	healthybodynowtoday.com	1 redirects
138	15

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://healthybodynow.net/
Frame ID: 91D5C64530DF1A147EBF41CB246C303D
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: EC8CF46EC62B2F586327FDCF78122698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&adk=1812271804&adf=3025194257&lmt=1706370900&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fhealthybodynow.net%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902223&bpp=2&bdt=1943&idt=149&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383819275781&frm=20&pv=2&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: C44234B19819DB87B88ADCFFF5B7657A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=280&slotname=9078034152&adk=1598601860&adf=3020769239&pi=t.ma~as.9078034152&w=578&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=578x280&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902225&bpp=1&bdt=1945&idt=157&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=160
Frame ID: 8D0BEE5C5CC72F2BD2D49851077BFB2A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=600&slotname=8507188518&adk=2748055346&adf=1979441008&pi=t.ma~as.8507188518&w=300&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=300x600&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902226&bpp=1&bdt=1946&idt=166&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C578x280&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=959&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=168
Frame ID: 4C33D4C566A3322E07FFDF53DA34DD0B
Requests: 9 HTTP requests in this frame

Frame: https://healthybodynow.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 6B775B2BB65C99451A9AAC0303CE5C52
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 21D521481CFC418D8164DB3BF4778B41
Requests: 2 HTTP requests in this frame

Frame: https://p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 492E38792402AC97A4D416299C1B5A7D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BDC08446548ACA7E792D93D320C8D186
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: C684353955176B267EEDD2C12EBEF5D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1DA8B48AC7C94F97BC345CE928F5A831
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 840371FCEC3096D92A6DE58C4FBBFFA6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 57D692915EC86904A5DD53F75432C07B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F9694793782CE93BD2F066376BC3C27D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E5E6860DCCBF017A38F829B1549BF36
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 056ECA7D864C05645F2F9D7F95FB7091
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A97987A50FD8C7937D63DB3F7B5C94DE
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 34374923C6856B37A1753E73A53ACAF3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: A7FDA9B06AD6B063E88405BB0FA6CCA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 7E94BC1C6ADD80F3D8EC6FEDAF55D0B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 7735FC5C7EF6E7F55A431CEA3B244DCF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 9256B35FBF41873F19036AF85E9849A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: CB575C1DA1FF2A9F27D44CE6C4BF16DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 849D38E6F566266BDEE1A07A6D1415CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A624B13CF5EBDFCDA7485040379E43A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healthy Body Now

Page URL History Show full URLs

https://healthybodynowtoday.com/ HTTP 301
https://healthybodynow.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

94 %
HTTPS

87 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

4959 kB
Transfer

8034 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/GreenJuiceGirl
Title: Follow @GreenJuiceGirl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://healthybodynowtoday.com/ HTTP 301
https://healthybodynow.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 47

https://healthybodynow.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://healthybodynow.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://googleads.g.doubleclick.net/pagead/adview?ai=CNskIVie1ZYKGGtmTiM0P64i0gAXMkOqVdc2u9qmEEhQQASDz2JgZYJXCk4KgB6AB7LPywAHIAQKoAwHIA8kEqgTTAU_Q_rq-HvrKnpK-Hj8_FgOpBPn1yocM1CJaxmNQHa-yyQ14FIGk15DhdChts8oo_An6sffCz0XhkmZgOQulYGa_dtP8m17I6zvZHY0q0Cpqqj9GW64pOyP08WlSFs2ToxETpt0mwqdqOLFlFJBEnw_SKrxTGF3krL1kiR01E9HuU2lgJvarpZLzPXe4iGF9f_nbqZObWpLOryuGWEw7Mz5OZsLV14Y_Kyafz23I-TbO-J3mNBfIpBckdSwa6Jig2RcefkgxCz-lrP3oXbAtdFFw8nrABNPf3LacBIgFlLnVskiSBQQIBBgBkgUECAUYBKAGAoAH_MuNvwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDLkhjSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMzu-Pv2_YMDmgkgaHR0cHM6Ly9tYWRtdXNjbGVzLmNvbS9zdGVwLWdvYWyACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzA5MTc0MTU3OTQzODE1MhgA&sigh=GJJOebW5ImY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_jluxIEqxQ2N3JXYS_RTZZHavUu4vndl6N3rGnPVF8JkWjQy2Gjn129x4rl4JodRZqtANJHc34Kcbe7vGUYJ6rH4ttkdkvlvctaMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211269785049246999537%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214655814806725820033%22}&andc=true

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf3JfVie1ZdjnGeuyiM0PqJGomAWGrKGddZyigdThEqXVj5eNDhABIPPYmBlglcKTgqAHoAGqgvDcAcgBA6gDAcgDyYSAgASqBNwBT9DZfsKWN5cL_IAbi3XvZZNGgtfVq-K-SIaTIefc27UqBmecv8orHYIKjBuLhb8AthrTp2KrSo3NO1KIp1F8oEt1tHFPRx1p39AKs5mZFCppaet2rAzdKaquMgmM4Di6qUBdqjNqyRz4Vn5LClahJXW0W88WfhOyUp3zjyMlRnCKlS4RctKiOumNNPSRYdnE1sLA9b6AV8l-vQZ9F_chb7F2P5hTxAK7W8IREILCK-uvoi-ckwOsnPuThG7Ge26x6UMro-jEzQyLX9CH5C1R71dbPiLXi8fLcQuNnMAEoaLd2rgEiAWFwfu-TJIFBAgEGAGSBQQIBRgEoAYDgAe-_Y-jAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEN67M9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY08j4-_b9gwOaCc0BaHR0cHM6Ly95b2dhLWdvLmlvP2JyYW5jaC1uYW1lPWNoYWlyJnRlc3QtbmFtZT1nbzRxcG0mdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmY2FtcGFpZ25faWQ9MjA1MzMxNDE2MzcmYWRncm91cF9pZD0xNTI2NjE2MTA3ODUmYWRfaWQ9Njg4Mjc2OTU3NTY2JnV0bV90ZXJtPSZwbGFjZW1lbnQ9aGVhbHRoeWJvZHlub3cubmV0JmV4dGVuc2lvbmlkPYAKAcgLAaIMCCoGCgSsurEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTcwOTE3NDE1Nzk0MzgxNTIYAA&sigh=9csGhbgmU0o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_rfP5_BLUaQn53EaaFgEvqRG6pJbCNzDO-Ma-z16JImRVrHtVHBY_IcpLQlllSJo4IosWN5wZzxXG3mJOcMKPZRJ63UVQ7HV2oVsYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215854744906497072147%22,%22debug_reporting%22:true,%22destination%22:%22https://yoga-go.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463208746%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217193697688459804785%22}&andc=true

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://googleads.g.doubleclick.net/pagead/adview?ai=CtxW-Vie1ZePXGaeTiM0PzuWc0A6hj86WdfSMs7GuErns7u6SDhABIPPYmBlglcKTgqAHoAGqgvDcAcgBAqgDAcgDyQSqBN0BT9BgBpZSMGmsgoFCr0x-j48kdtubkFoP8Dy8RhuLxoMTQfRjKiRDe6XNZptG24BHFG90skf2Dr4kx_z9zl9LGiDPdmdkFSJHW5-OXpqpkMrxv_kcNqgiBdYfX5rvywtkn713sBZKU-_PQj-ystXl3aLPGuyyZpz_EBmMvmRw5X_Bq9IGEPAGsl4evekKR2ReL3pvb6N1G204C1QJRY5vghICHzUB7ip5AmkugJxfr6Rc9lqeNkrn2I6HeXdTjB7xBGFyU7G6Suk1Z4dq5bL7JLbQo1M7CKzorvfvvdfABMmYvYi9BIgFjby1m0ySBQQIBBgBkgUECAUYBKAGAoAHvv2PowKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD_gwvSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIKn-Pv2_YMDmgnNAWh0dHBzOi8veW9nYS1nby5pbz9icmFuY2gtbmFtZT1jaGFpciZ0ZXN0LW5hbWU9Z280cXBtJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwNDU4NTkzODA1JmFkZ3JvdXBfaWQ9MTUzODMxMjk2MDczJmFkX2lkPTY4NjE2ODg3MzkyNyZ1dG1fdGVybT0mcGxhY2VtZW50PWhlYWx0aHlib2R5bm93Lm5ldCZleHRlbnNpb25pZD2ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzA5MTc0MTU3OTQzODE1MhgAshgFGAIiAQA&sigh=HqKGWiJAFWI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_8T8f8R8Dm1lCRJvjhKIwk1VhNtHNqvqVaatbbPPwuHTB6yzqDU6Ub1OkuOFKxq9Ju4HKYRFZSy5SwwfxTuNZZ-BIkaJ5fTg6vhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225866832729205137885%22,%22debug_reporting%22:true,%22destination%22:%22https://yoga-go.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463208746%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221340435079370455713%22}&andc=true

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://googleads.g.doubleclick.net/pagead/adview?ai=CsCf5Vie1ZeHXGaeTiM0PzuWc0A7lo6OTdcLd773FEpOe9f0IEAEg89iYGWCVwpOCoAegAYyU3acoyAECqAMByAPJBKoE3AFP0LWk5g8Pb2rpuFtbJbIcdktjfsj9tRj3hKhFNSVJ2Ji55nbpWWlhJW0K8UY8O_n-oiRY7JKDAV3HOCAlMUmCf-ZsnoN_PwPJNHgk59LCxN7aFQcCQVQ5crJacqMif-og_tfMkabRdjafoC7-3uRUqWzt17pTlJSI-WUvZoIxvwmvNW9JtdHZWdd57omjnQmNaLT2tHMtgJreTktpa2ENiPHUCJ3m9zjOrEn05J-_RH-_2DFdLAcBA7POBnzQmcUK6AZ3gk7MOUcsSEnF1FissfXUUfPpj7nPcGpNwATqg_ir1gSIBcCD8OFNkgUECAQYAZIFBAgFGASgBgKAB4zMrYcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ2t4S0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliCp_j79v2DA5oJzAFodHRwczovL2Zhc3RlYXN5LmlvLz9icmFuY2gtbmFtZT1rZXRvJnRlc3QtbmFtZT1nbzJodXImdHJhY2s9dHJ1ZSZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZjYW1wYWlnbl9pZD0yMDg3NDc4OTMxMiZhZGdyb3VwX2lkPTE2MDYxNjU0Njc5NCZhZF9pZD02ODcyNjI5NjQyOTImdXRtX3Rlcm09JnBsYWNlbWVudD1oZWFsdGh5Ym9keW5vdy5uZXSACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzA5MTc0MTU3OTQzODE1MhgAshgFGAIiAQA&sigh=iJLsmHfMY6k&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_8T8f8R8Dm1lCRJvjhKIwk1VhNtHNqvqVaatbbPPwuHTB6yzqDU6Ub1OkuOFKxq9Ju4HKYRFZSy5SwwfxTuNZZ-BIkaJ5fTg6vhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228849783873805941325%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210820733452%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226795463285425343905%22}&andc=true

Request Chain 126

https://googleads.g.doubleclick.net/pagead/adview?ai=CTTYkVie1ZeLXGaeTiM0PzuWc0A7lo6OTdeqm64OnEpOe9f0IEAEg89iYGWCVwpOCoAegAYyU3acoyAECqAMByAPJBKoE3AFP0FZJbgOHVA1UOvmxW_pvawIWlKqvB27aF8qG3McH_PIt8RnrmMOj_73SU_tQMABmb8_RQ4coDnDR1pJ-lRGexE2nhcRI-nsPEmr-f8Rqx4Z74CnzNs0tEQOYOTeM5s32h-tSkkf64Lm_SQJ2q2Tw3L0DHmGuc0qgFH9daYnxOeeCAhHt4DGZuob9-i-tvX1pY05W-UlklKHni0jGCL8RjLduwoGUeIvAgF667wrWek5pA4m0XOPluYye7xomBCs3vdhSdQACPwE8MUjKJvoSYCcTCzzMWGlRSQVqwATy7qupxwSIBcCD8OFNkgUECAQYAZIFBAgFGASgBgKAB4zMrYcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQs-cG0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliCp_j79v2DA5oJzAFodHRwczovL2Zhc3RlYXN5LmlvLz9icmFuY2gtbmFtZT1rZXRvJnRlc3QtbmFtZT1nbzJodXImdHJhY2s9dHJ1ZSZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZjYW1wYWlnbl9pZD0yMDg3NDc4OTMxMiZhZGdyb3VwX2lkPTE1NjU4NDU3Mjc4NiZhZF9pZD02ODUzNzA1OTI0MDEmdXRtX3Rlcm09JnBsYWNlbWVudD1oZWFsdGh5Ym9keW5vdy5uZXSACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzA5MTc0MTU3OTQzODE1MhgAshgFGAIiAQA&sigh=_Ibb_JbrxQo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_8T8f8R8Dm1lCRJvjhKIwk1VhNtHNqvqVaatbbPPwuHTB6yzqDU6Ub1OkuOFKxq9Ju4HKYRFZSy5SwwfxTuNZZ-BIkaJ5fTg6vhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225545577044992400771%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210820733452%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227472685611361937345%22}&andc=true

138 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
healthybodynow.net/
Redirect Chain

https://healthybodynowtoday.com/
https://healthybodynow.net/

135 KB
41 KB

5131ms
5098ms

Document
text/html

2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c821e8859e4d735435771cb09d559b05e4b0b6e00baede7fb6c6555c1485a0f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=31536000, max-age=60
cf-cache-status: MISS
cf-ray: 84c22d4ee96b2c29-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 15:55:00 GMT
last-modified: Sat, 27 Jan 2024 15:55:00 GMT
link: <https://healthybodynow.net/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvfYOd7hS%2FuhWct6M2pRfq3C9kCUbbe8a5nAaJ81KsFPDe2aGIDCRNmJsCPFCnPV572IJO9aCHW7d4F9i2x3DbSA80v%2B%2BNyhbjZTDhrBb6zgvSgEsIqs2g%2B2v6zypS4rMNm%2BhbVFh55GSV%2FAy4h59w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 84c22d4d4a4622b1-CDG
content-type: text/html; charset=iso-8859-1
date: Sat, 27 Jan 2024 15:54:55 GMT
expires: Sat, 27 Jan 2024 16:04:55 GMT
location: https://healthybodynow.net/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHx0MdDZ0DwD6IZPc7gdDzIs6VTgyfnJsdThVvj1wydkdtospwDVKCW37LNbsP80x58R0K%2BPZBeIE8ROIslnmmGm%2B%2BzTqinFv7z42zata%2FOa1wdcpXBJa%2BSfjbm8AF8C1sY%2Bim8imAInhtcSZBc5fcOuyVO48Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Open+Sans:400,700,400italic

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da0363b6da219bf9930e1a4317fe7293acb670841b46f5d0990f84939e8c9688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 15:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 15:55:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 15:55:00 GMT

GET
H2 200 style.min.css
healthybodynow.net/wp-includes/css/dist/block-library/ 107 KB
15 KB 1780ms
1779ms Stylesheet
text/css 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 03:50:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-609b01b4f60be-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNiwNueeaSFlcVg93UnsigDpIyETYnkP7hVH4sBN7xjRm0Snb6ei8yFXoMXqTdeR4eahM2Jhvnc7Vuw1pnN1ThVRKFzVKGu7X5CLxCgvK9X%2FK9NFkZrPcbsbgA9EiQmzrsSH0TdXg89G8yqwSHlyYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84c22d6ecf5a2c29-FRA

GET
H2 200 style.css
healthybodynow.net/wp-content/themes/custom/ 38 KB
9 KB 1819ms
1818ms Stylesheet
text/css 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/style.css?ver=6.4.2
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69214763ac9527788e9dc6f548392c74ee2c3200b276bd95cc7eb9045335456b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Mar 2014 00:32:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"96f1-4f4eac87cf680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fozR3dmF808DE16Y0H6VXO%2BDJjamXkAN2G8KTmx5ekmIGOtkqA4JH3UWruoeaailAtMMeISQ%2BzgNS2%2Fb3EludqhBu6pp7y7d9zm093oKkRzBZTM20o%2FSPztZfVd2iEGI%2BqbWduUEBak8orx0ejn%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84c22d6ecf5c2c29-FRA

GET
H2 200 responsive.css
healthybodynow.net/wp-content/themes/custom/css/ 8 KB
2 KB 1823ms
1822ms Stylesheet
text/css 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/css/responsive.css?v=1706370900
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0949a0450b9ec9be732378d75f9f0dd76362598ce231136a2ca2bb5f6539b344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 03 May 2014 18:42:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"207d-4f88342163b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7WXMHZ3nmQgpS8P2rzb12tICb1nvgzi%2Bq6Qy1r1MQ4BxhV85ZLrGAMbZaGQDagr3c3ENwLiDciuPByN%2B1VlEhr6S8BKqLAHtXbAlC%2FfvTpRtPRAFcusALFFrM%2BiMuPURpg7VCONcoBsuH1chaLpcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 84c22d6ecf5f2c29-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:27:16 GMT

GET
H2 200 header.jpg
healthybodynow.net/wp-content/themes/custom/img/ 200 KB
201 KB 1791ms
1791ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/themes/custom/img/header.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50f778d709432b89f1f8a3a9a90984c3d64192b57519e6b4da6766974c80e371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Mon, 02 Sep 2013 23:43:50 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "321bc-4e56f24e59980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbRrFZFWdB%2BRg1X%2BHNQf1CvWOYz8vUHBM05HxE961C6n32sy6idlZZGoPYSnksdt6jbz5ZibCU3xXjpKJkoCRE8vxv9T67pxemlefHhasuVmNr0JsoWygfHctAAorD7y%2FeYs1vcGhKef1sk4gXPVxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d6ecf612c29-FRA
content-length: 205244

GET
H2 200 AdobeStock_378291449-1-660x300.jpeg
healthybodynow.net/wp-content/uploads/2024/01/ 36 KB
36 KB 1982ms
1982ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2024/01/AdobeStock_378291449-1-660x300.jpeg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f5f7768bfec3c16089897e45f939a84b744f5576852e2d003d8df1da565e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Fri, 12 Jan 2024 17:31:03 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8fbe-60ec30742a7bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htpoiu3B8UnynjuWdZqmGWPFBckdrxiDO6mHtDeXNxsXJtX1ieyVLrbh4U7rvskb5oZ5Nj0PakZq4AVr0ar4QH03rQrgSdBMOz0kMP70rjUTj1C0NnuF9BQ%2FZAQXi7GiMToHoQJRrtASIwOusvDCsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d6ecf622c29-FRA
content-length: 36798

GET
H2 200 person-drinking-from-a-blender-932610999-1-660x300.png
healthybodynow.net/wp-content/uploads/2024/01/ 289 KB
290 KB 130ms
130ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2024/01/person-drinking-from-a-blender-932610999-1-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6acf9a9d7539db1deb015db2d02d3985e66a486d71487d6a0fd3af983d340d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Jan 2024 13:29:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "484d8-60eab89c51735"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk5a5tjk0YC5qK1aqQflc7Z1%2F8Q6jP1eV95Gaz1SaNryMBo%2FYSzKUPHVzjz%2Bzpk%2F%2Fcb8KGU7OuNdrtZDtM4Cv%2Bu7dAnlBw5qw%2Fq%2Fw%2FltWG75W6d3FexAL30pzJZoOgnhrH1yV6BUYCeKRK2sTZLCfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a0f9b2c29-FRA
content-length: 296152

GET
H2 200 fruit-juice-573738779-660x300.png
healthybodynow.net/wp-content/uploads/2023/12/ 325 KB
325 KB 577ms
571ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/12/fruit-juice-573738779-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ea443726f237b3686a9a00f70333c65766217e28720ac4956971c47bac7b45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Jan 2024 12:53:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "512f9-60eab09b0710b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STKBSY2N8PHzOWlwXLMfpo5V%2Ba7pxamhrsdDSjr6HM0tHI0MzrV4SKYLAHb0AQ%2BshDw%2F%2FUA166%2Bi3eVVXVLz6pwCv1GK6chPio08GOWECXWsh9Otqm4ari915kuq%2BwC7JSN1k94wAOD12s%2BoLCwAcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a3fd92c29-FRA
content-length: 332537

GET
H2 200 AdobeStock_518817778-1-660x300.jpeg
healthybodynow.net/wp-content/uploads/2023/09/ 29 KB
29 KB 546ms
541ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/09/AdobeStock_518817778-1-660x300.jpeg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd57556526d03175f576494494c787d8d33553c8bd6c7a76462a1b4937612d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Mon, 18 Sep 2023 19:29:31 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "73c5-605a72958d161"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzMyQ8SkypvYukWgPaAX%2Fb7D%2FntRTwrPae3Cahap6QDD%2BHGB9FSD7caX%2BFUl5t%2BZbmZ3lDghtcXFxjwBVEI9Gjop1yx1W7P4GQvc0qKxwPUtv2VL4aJ6CTE9WO1RngTcjFhpAAi8Az3of63ymBit3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a3fdb2c29-FRA
content-length: 29637

GET
H2 200 Top-10-superfoods-2023-08-22T163159.576-660x300.png
healthybodynow.net/wp-content/uploads/2023/08/ 226 KB
227 KB 219ms
215ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/08/Top-10-superfoods-2023-08-22T163159.576-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95acdda7ba2b8f094d5a109749820dc5df06027fef0f8cc3af62c5ac0d634bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 22 Aug 2023 14:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "38987-60383dca2236b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiR1pfnD6Y35ec7YOdGGeM9UpDZY5oEz3Ss3JGS0qgfV3Cykk9dEJ46rn%2BvYN9n6PST8ouva2ZwWwyeQ1RAhbrhYZQ7UKhXGC0Yx3yVNLA5vbKfZA3X9AKB48dspCICUDInpx2%2FC8QujVqHYDrwgKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a4fe12c29-FRA
content-length: 231815

GET
H2 200 Top-10-superfoods-2023-08-22T161232.623-660x300.png
healthybodynow.net/wp-content/uploads/2023/08/ 356 KB
357 KB 127ms
123ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/08/Top-10-superfoods-2023-08-22T161232.623-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 715b45b42f7582a7fd0d5f5a176c1b5596806b06bd381a9cd04ac584fa46a383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 22 Aug 2023 14:12:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "58fbc-6038396de91fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNUUg%2Fba45tFpO8TwLzbGt0C6Z6TZJXWbPO3tSp1LKMWJzy7VhK9uzkA1gH8HcVHceIkCKbPyfrzE1xJrLIDv1fnE7lfb%2BhrexkZS2srfnHv4cQX88OwU6Y%2F9PbrTFTeIcD7SRgKgozE5sNg8gDAtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a4fe42c29-FRA
content-length: 364476

GET
H2 200 Top-10-superfoods-2023-08-22T155744.514-660x300.png
healthybodynow.net/wp-content/uploads/2023/08/ 420 KB
421 KB 155ms
151ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/08/Top-10-superfoods-2023-08-22T155744.514-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ce1933897350f3113dc8399ea6541530e503805d648a618a84d3c336ff8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 22 Aug 2023 13:58:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "691ab-6038362dc7d8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBwOXYtcQMBXIRa3RqlrrCJBETkW0Cgha2coN9fc6QNeNguVpqXy%2BwHiREtmPTKOAhfyybyrJX14usNN%2BeQfoPID5Ou7YlKLMBUV8Nl0Ez9cTP3alPx6oMsb41JExpcWvQfnJuzsnUxymjfcd64THw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a4fe52c29-FRA
content-length: 430507

GET
H2 200 Top-10-superfoods-2023-07-10T181934.205-660x300.png
healthybodynow.net/wp-content/uploads/2023/07/ 372 KB
373 KB 152ms
148ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/07/Top-10-superfoods-2023-07-10T181934.205-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13c6367eab9392669551bb71fa0cc2eba7cf1b51d7d2ac7cfa4d29911547e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Jul 2023 16:20:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5cf66-600245b8f32d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZBph6hHJHwKVP2Wb4ig934%2FR1IfGr59I4kEDJj4am%2BbdUGfYo24wsatfPCH7rFJKj4lDqxFHfIMP8lFUxVia0DgIClRq%2FlvxpeY%2F8Bs9faCW%2FIq%2FjNha7nAxmy%2FCXcu0PyuEmt1iKBubp3LXre2Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a4fe82c29-FRA
content-length: 380774

GET
H2 200 Top-10-superfoods-2023-07-10T175616.850-660x300.png
healthybodynow.net/wp-content/uploads/2023/07/ 381 KB
382 KB 736ms
732ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/07/Top-10-superfoods-2023-07-10T175616.850-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a06c30618dbec91ec4ef6c4d27414e305a199254e61489a50cbbd666a60c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Jul 2023 15:56:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f4f0-600240764b6c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DiQ0ulGP5I9grt0FbVYNpEzhTyb%2BNgJF7gwsBP%2FvqXhpKY9S%2BZ1Y4ommmxnGPhYyoO9n28zrU6ng0VcWvHGr0ilucyegXRzU%2BNw3dKSeRMAPnfrjt3nHpGR%2FyLS8FdlO2f7DfzPdbz7mFNYzer8GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a4feb2c29-FRA
content-length: 390384

GET
H2 200 Top-10-superfoods-2023-07-10T172719.625-660x300.png
healthybodynow.net/wp-content/uploads/2023/07/ 327 KB
328 KB 1235ms
1232ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/07/Top-10-superfoods-2023-07-10T172719.625-660x300.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216296422421408062bb279dc4f12a0c8a26f3a952f91a2c89fa5d7f5d71ccac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Jul 2023 15:28:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51bae-60023a2ceff13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppgHn2pjq6AgGuxbKBQPnI%2FMO25Dn7VBKVonIA2SCgO43fId1WrMfyJHxRbiI5LCDtZn7J2MIdDjYSnYvophEFdprdLg%2B%2FXjMsrJkBSKuA6OypJmPl7FpbkrYhQ3QoFqyv58iKc96nmMstKimbHbeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a4fee2c29-FRA
content-length: 334766

GET
H2 200 Top-10-superfoods-2023-06-24T111416.783-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/06/ 29 KB
29 KB 586ms
582ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/06/Top-10-superfoods-2023-06-24T111416.783-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2ebf65fdce2a9cdeac7d46bc165e84aa39be4d871b9daff42dc33ca254bb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sat, 24 Jun 2023 09:14:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "739a-5fedc8b36174e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPtYYSJoEfN49eMxBYYFR3Nc1OuEV2FcA2%2FPZAfGReUA3uORGJDPlshuoOCqizqNOoQ14sNezjnxLyPCOxCpz0WiayD0U6LXGj7jRPI%2FDFLy7CTFHetfdIa7q%2B9ZZxlYSSquvLYudS2riSk96aP9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ff02c29-FRA
content-length: 29594

GET
H2 200 Top-10-superfoods-2023-06-24T111044.866-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/06/ 33 KB
34 KB 548ms
544ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/06/Top-10-superfoods-2023-06-24T111044.866-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197b27b3c6db8eae65673a8c3d94cf40f3a8e19484df0efeaf672baf192cce5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sat, 24 Jun 2023 09:10:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "851c-5fedc7e91a125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMysa0KIcYFOg0onekSkBbLv53K5fzZpnTtdiIBxTlUKDqBaF%2BfNxzOYSn%2FObbzgZVSTDhrs8gDpFk60Us%2FHjkdL387INnnQUBmq5AUkMS697ovtZ14%2BucVvPr9Djqlcx85fiRtFXjsj6SgxiG%2BiTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ff12c29-FRA
content-length: 34076

GET
H2 200 Top-10-superfoods-2023-06-24T110443.440-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/06/ 15 KB
15 KB 542ms
539ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/06/Top-10-superfoods-2023-06-24T110443.440-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55bb1b0f36fafb317840a9fbe6fb33b7f9a2700f10121a94ce1056e70a385b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sat, 24 Jun 2023 09:04:48 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "3ac8-5fedc68cf1d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yi4R6FI5DAGmDt3mDXhsMoTFak2TuPLGetwCTQmT9vwTJS7HtQ%2FXbOC1cENpuF2nFK%2FZSdbeUlCaZZmGsGRAA4JKT8Ae9bYYqCTXOoBKm8TsdgQ05ftwYSwknqw5A%2Ff7dIqLbQiUpPNRpZf5iflEPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ff32c29-FRA
content-length: 15048

GET
H2 200 Top-10-superfoods-2023-06-24T105051.467-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/06/ 19 KB
20 KB 706ms
703ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/06/Top-10-superfoods-2023-06-24T105051.467-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e91a27614dce94a42f205cb6cf65044b60a354a7306b8bb51f97256d2be17f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sat, 24 Jun 2023 08:50:58 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4d17-5fedc375f10a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpNM73r2q8PsY45WLkTCaNvQXUSaVGhtL3d9xIT2LzaL62YIC7F34eLJ41OrM7%2FL44xCIEIfpY%2BcatmoITpxzpPyDJVF9ep6T2Og1iJyrs8dOnGCLK3svaxbzpwsOyhBjxmtWORhemEw3BbU2Yvj8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ff42c29-FRA
content-length: 19735

GET
H2 200 Top-10-superfoods-96-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/06/ 19 KB
20 KB 631ms
628ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/06/Top-10-superfoods-96-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f7d3c20fea3123fffb9a1c9a7c2948225863cfe39cb1d60c000b200a90cf351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sat, 24 Jun 2023 08:45:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4cf8-5fedc22eac7e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmaxPuRmq40QZbe4jPawhqJqgg%2FcO5lSpqOXGoaUnFWOLET7vab0WJJvOMxjwJtkrKIP4BAODdF7bpkdMhs32Xy0CPu2AHxpfhOUgOvxzpTNCJExJPfCX93hPN%2BTojK3PDvYDVYTlJBis9RhqyK6NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ff52c29-FRA
content-length: 19704

GET
H2 200 Top-10-superfoods-91-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/06/ 50 KB
50 KB 154ms
151ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/06/Top-10-superfoods-91-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b696f92d6d8217a3616faea717671ce28548fcf42c86904e988e45acfe732e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sat, 24 Jun 2023 08:26:46 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "c73d-5fedbe0ca504c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utpVe%2BPO7etyn2%2B8nSTwWTgDprwBUbqMFECqROFOVU8AY7McrlYlYs%2F8btOIbHk3QKM1f0lIOMcqMpCga9e24PUxafRp%2BiMxwHN7rh0c3aH%2BydjkKpjczww49gK%2BB3DE%2F%2BzTEQiecwYF31L07YvoIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ff72c29-FRA
content-length: 51005

GET
H2 200 Top-10-superfoods-68-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/05/ 35 KB
36 KB 775ms
773ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/05/Top-10-superfoods-68-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3eb2ee0d006f9d256e1796ccb35b06e859debf4c7711c7e17da589fcce653e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sun, 28 May 2023 17:28:43 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8daf-5fcc44d468b12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZUVnjPIkTUlrnv8t4kyxnFZ0ViK9mVzX%2F%2B27eESVASNHmGIaDh3qmrXZTWdAwKEz%2BR4gPehbrrZYJ5jDLtGrUSFf11LOEh37YncQ94TqhcZg%2FMSPA7MhgF6AHzQQr%2FqERNBmZgfLTcPKR8%2BcYp5zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ffa2c29-FRA
content-length: 36271

GET
H2 200 Top-10-superfoods-58-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/05/ 21 KB
21 KB 936ms
933ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/05/Top-10-superfoods-58-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca82d172f9366a01881c54f9d8cf5d9320c32feed78de88803ec3c9223931e83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sun, 28 May 2023 17:14:51 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "52ae-5fcc41baa3339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGIqWWbMDUoyd4qx%2F0mgN888iJyQScXY4gZRZ9X2a%2FKlXg9ZhSHog2vXJQLp%2BghMXhUqWa2H3pktpNDpugAKYb7uYEXhC8Nug4cOXE3qkmVW8D7AnD5iaSf4BN3Zs9r%2F9sFY63RguP03SZU7egMbIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ffb2c29-FRA
content-length: 21166

GET
H2 200 Top-10-superfoods-48-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/05/ 37 KB
37 KB 772ms
770ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/05/Top-10-superfoods-48-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab9a2df00eb4d27722f84a297ee57d5c4058d129ee3bde2e08180ee97bceff0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sun, 28 May 2023 16:48:24 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "92f1-5fcc3bd0f1a25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRzh0V6UEm7XrE57aWlNM%2BNtzyc%2FEHWIdCTRLlaFzgZUc2ZIlBKiR1urEWdnUuWnuilxC08LJOqOTbUd88h4Dpit%2F7HqFtexjnpKj%2BBynQOBGXpqjSQ4OwjOAIliRzR2M6RCbrkg1rU6mlxgrru6CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ffc2c29-FRA
content-length: 37617

GET
H2 200 Top-10-superfoods-43-660x300.jpg
healthybodynow.net/wp-content/uploads/2023/05/ 21 KB
21 KB 150ms
148ms Image
image/jpeg 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/uploads/2023/05/Top-10-superfoods-43-660x300.jpg
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b9063c764521ee9c75f2d52dc2a07f20cef202f9750237b0af1ddd583b77b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Sun, 28 May 2023 16:35:07 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "540b-5fcc38d8ebddd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8hdAcj9fdwI508mexqG%2FkiqRPVUBjBfgOWSKpyyTpSOzG4340aQ6iBOeNT5Rfcvpu7imZcYdp1kD0uBnyaxAyaxN3xbBQIXppay%2FtLlf9IAmAaH5aM%2Bnzgy5A5kXJscVoz8%2Bu%2BTzDPeb4aQXZwqfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84c22d7a4ffe2c29-FRA
content-length: 21515

GET
H2 200 shadowbox.js Show response
healthybodynow.net/wp-content/themes/custom/js/shadowbox/ 22 KB
9 KB 156ms
151ms Script
text/javascript 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/js/shadowbox/shadowbox.js
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ea2d81eebc9a8ed398db5d77899dfb2d10375a23e12e56452448c6aeef97d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 02 Sep 2013 23:43:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"56aa-4e56f2522a280-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mt%2FCn7eCn%2BIxs8Vd7o4URs3iv2VKm1mYnJQ3BLTWcblHnyak5HbCdgfAu6FFquQuiKc8lI9hN%2FpxQL9LOXYcOWrQG1q0JNeYvoSFC925JfxRIFM8URsZwT9dau9mTslrHXxS3DlfzhWF5kHomKYWbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84c22d7a3fd72c29-FRA

GET
H2 200 jquery.bpopup.min.js Show response
healthybodynow.net/wp-content/themes/custom/js/ 5 KB
2 KB 127ms
122ms Script
text/javascript 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/js/jquery.bpopup.min.js
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528885843a33c978d355be55c1d57337f34858ffb8fb6eecb7455d6c9d891113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 14 Mar 2014 01:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1441-4f48721d1c300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69WQnCofuIjaif%2FRRtS9fYbsMVcnlq28utfyBNHox6C3okMS2P978EcghEwRxK0C9zupsqP2h8yyPz9hOv53V%2FPBqDAB2q7hsK7lFEv4RUWoKcIWb%2F0%2BGuRTwOisgwobKiz31EDqCyICPcPQWVX8tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84c22d7a3fdc2c29-FRA

GET
H2 200 waypoints.min.js Show response
healthybodynow.net/wp-content/themes/custom/js/ 8 KB
3 KB 513ms
509ms Script
text/javascript 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/js/waypoints.min.js
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Mar 2014 00:25:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f6c-4f4eab25ff3c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9c1ztv5lMamaMKHmoHZD8lWN6BZZaaD9tuuVizM0Zzbq2gVXSTBWgbbMDfqwM%2FReF08NXlZor3x5rukAuavMW2cO7XvJ%2B4neo6Ka3Dll1VJ5s0Fjl0CyiglmUzTlOxzXFK4wYK1oBiM2W4QlrjzAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84c22d7a4fde2c29-FRA

GET
H2 200 jquery.cookie.min.js Show response
healthybodynow.net/wp-content/themes/custom/js/ 1 KB
993 B 501ms
496ms Script
text/javascript 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/js/jquery.cookie.min.js
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 14 Mar 2014 01:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4f3-4f4876a98be40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKrU4%2BXbioSHryglsxrQJLqtBAFH%2BR96tFoy%2FMY67uJJFBLHXXDSasaZ26VWxu5IyElho8m%2BwDi4PKaMwXdgMmhfloYyhCMLTFkjB3w%2FFFGOSyR7QKQqDoOif5cracXASIfILdpVp7mwZDlO792H9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84c22d7a4fdf2c29-FRA

GET
H2 200 main.js Show response
healthybodynow.net/wp-content/themes/custom/js/ 2 KB
1 KB 216ms
212ms Script
text/javascript 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-content/themes/custom/js/main.js
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f4b0be006aea378c3b049d356d304cea0774183fdb920c6242ad813b852b8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 01 Dec 2022 16:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"867-5eec6b0298680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9oxaK9NEXhXsqF%2B%2FcdsErIQ32Tf5VaYHXR1igngXhvOwoXzSQTwZR7DrrGh5joCGAdEfrj0wUUOQqUQnwOf9Nx2N1y9WpQ3YQcKxLG09JGE4a9lKd3xeOzZoyEMlHy8HFO01JHZfNE%2FL%2FK92SzkRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84c22d7a4fe02c29-FRA

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

61 KB
19 KB

30ms
8ms

Script
text/javascript

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18534
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 27 Jan 2024 16:42:26 GMT

Redirect headers

date: Sat, 27 Jan 2024 15:44:53 GMT
x-content-type-options: nosniff
server: sffe
age: 609
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Sat, 27 Jan 2024 16:14:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 85ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8592c8414f1a96b789c4118ca1e1e4dfb8f04738c610e88ec88cb8c55f645093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51568
x-xss-protection: 0
server: cafe
etag: 4072424938167243267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 27 Jan 2024 15:55:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 56ms
25ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-22WYZ2WQNJ

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

000c133973f51958c22e3af6b87d89d211aebb30a33296299bcfb1b03a808896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jan 2024 15:55:02 GMT

GET
BLOB 200
OK a7f4ebed-3c95-41d0-b094-5d16b7348f5a
https://healthybodynow.net/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://healthybodynow.net/a7f4ebed-3c95-41d0-b094-5d16b7348f5a
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 google.png
healthybodynow.net/wp-content/themes/custom/img/ 2 KB
2 KB 612ms
610ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/themes/custom/img/google.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/wp-content/themes/custom/style.css?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48280dd8e523275dc717ff178add4768aae6b48eda499fb73a20e23a330af6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/wp-content/themes/custom/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 02 Sep 2013 23:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7c5-4e56f24d65740"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1aIGVdTIduGbILl0SqaD5Qi%2Fx053bL5UVRKI%2FkBfNp9qNbuAqiTC2boCm9fj%2BSj5XX%2FsNHKOVPeG45oood%2FMQ28MfZOi8Pl%2FcvjYojxxgLNMtfcf45OUfaeS45q4K6PGStj9foKapl7TqJLiSvu8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a48002c29-FRA
content-length: 1989

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat|Open+Sans:400,700,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://healthybodynow.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:45 GMT
x-content-type-options: nosniff
age: 317477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:43:45 GMT

GET
H2 200 rss.png
healthybodynow.net/wp-content/themes/custom/img/ 495 B
848 B 147ms
146ms Image
image/png 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthybodynow.net/wp-content/themes/custom/img/rss.png
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/wp-content/themes/custom/style.css?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6831a1b7026dd6a61e75f38ada59c5c87ffcf0c4fdca13e154a81c1c69cf4f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/wp-content/themes/custom/style.css?ver=6.4.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 31 Oct 2013 14:35:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1ef-4ea0a5dac7b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqN7XT2wNjYqdKoZlycCliyPWF8v4VktqrhuuKE6%2F4aJVDZfatIuE9QYn6fbQTWFaO1LxI6Tu56cKm7j%2BurMP%2BVr7xeGSJCnSEn8VWsdbXAC9TLa5cG5O27uFmXX99P6tg4fuOcMejZp7QKovZuyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 84c22d7a48012c29-FRA
content-length: 495

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 19 KB
19 KB 39ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat|Open+Sans:400,700,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://healthybodynow.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:32:16 GMT
x-content-type-options: nosniff
age: 318166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19280
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:32:16 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat|Open+Sans:400,700,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://healthybodynow.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:24:25 GMT
x-content-type-options: nosniff
age: 318637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:24:25 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 123ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-22WYZ2WQNJ&gtm=45je41o0v9116177555&_p=1706370900332&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1954819136.1706370902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706370902&sct=1&seg=0&dl=https%3A%2F%2Fhealthybodynow.net%2F&dt=Healthy%20Body%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7370
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22WYZ2WQNJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 15:55:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://healthybodynow.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 405 KB
138 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7091741579438152&plah=healthybodynow.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1051b0bb0b9af42b6a1fa4ee04ad0cdfdcb69ae68f600d315a38ac5323cd636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140753
x-xss-protection: 0
server: cafe
etag: 2098819089448199428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame EC8C 9 KB
5 KB 97ms
16ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 23:40:37 GMT
etag: 3890843268177463596
expires: Fri, 09 Feb 2024 23:40:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C442 632 KB
109 KB 531ms
530ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&adk=1812271804&adf=3025194257&lmt=1706370900&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fhealthybodynow.net%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902223&bpp=2&bdt=1943&idt=149&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2383819275781&frm=20&pv=2&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=158

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7091741579438152&plah=healthybodynow.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9cc5fe47185072f83f7cdf06c1783d2b90802f6d32c4b13ef7a60f91981cdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 111811
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
expires: Sat, 27 Jan 2024 15:55:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D0B 103 KB
38 KB 603ms
603ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=280&slotname=9078034152&adk=1598601860&adf=3020769239&pi=t.ma~as.9078034152&w=578&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=578x280&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902225&bpp=1&bdt=1945&idt=157&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=160

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61de59b294452b90e690a803447be6c5ae6886bf5ef903b9dc5e616ade96a742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39143
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
expires: Sat, 27 Jan 2024 15:55:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C33 116 KB
41 KB 429ms
429ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=600&slotname=8507188518&adk=2748055346&adf=1979441008&pi=t.ma~as.8507188518&w=300&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=300x600&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902226&bpp=1&bdt=1946&idt=166&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C578x280&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=959&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=168

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e253518d250e7e23807059255a6377f2ffe6172b8bf9f2f8a61c54fa5f54d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
expires: Sat, 27 Jan 2024 15:55:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wp-emoji-release.min.js Show response
healthybodynow.net/wp-includes/js/ 18 KB
5 KB 635ms
635ms Script
text/javascript 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Mar 2023 01:38:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-5f81424dacd8d-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5AEMUjpL25VVTFLyHduytSI7kYqohVC2spRBgGuJ3LdAGZKHAr9VldACfpjA6mRwprYnucjADiTweBkh51u9qL%2Fp2HDG98ZW6p%2BcfKZvRxSbwIFuMfhTBCJvba2z12Ehvm%2BLY%2B7Q9N7jKazZIAnaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84c22d7d8ca02c29-FRA

GET
H2

200

main.js Show response
healthybodynow.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 6B77
Redirect Chain

https://healthybodynow.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://healthybodynow.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

22ms
21ms

Script
application/javascript

2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://healthybodynow.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Server

2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c69a500e2b02e975fa412057296c6796d506ad03ba8f86d8ff8e93d8dd062f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynsxbXf2j64R4Z0N35gQ6i6OPun7C2cg03q3D7KOXbVBEHOFkp1wqIuT9Xfv3nVIjihCHijciXXH1IbZBj7JAmpt8ZVXPdDtgMd4OltptwYW1%2Bub66x3bN8vrfPIHjYxIGdyAFERMHGRTyBOduKhzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84c22d7dccd72c29-FRA

Redirect headers

date: Sat, 27 Jan 2024 15:55:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OFrUmDPLwk6vJcFAChjSKLuJCWQacX9KbMsDagXW14w1yYXDCbPRGYieF4CYkOTD0qI9QtmoY7I09tVjYARxnZX2eXQPHuhGwGFaLu%2BzCAc254EGcPmQ7som8xiiU83VkQplYCJ%2BPzwlfGJcho%2FdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 84c22d7d8ca22c29-FRA

POST
H2 200 84c22d4ee96b2c29 Show response
healthybodynow.net/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6B77 0
573 B 37ms
37ms XHR
text/plain 2606:4700:3108::ac42:2b28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://healthybodynow.net/cdn-cgi/challenge-platform/h/g/jsd/r/84c22d4ee96b2c29
Requested by: Host: healthybodynow.net
URL: https://healthybodynow.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 84c22d7e5da52c29-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blxR7Bsp6%2ButYqtaKyUIz8xlSsTy%2B627ALaJr5mBiKS7wkBgKO%2B5%2FcQIOMonwLnk8QtchxKqS7%2B1knwPk3tAzayUUTHkiyYUZ5QS0vryDGtMM1ohm%2B%2BLTgH4DiTZ0uQcCiae3BRGsV6zzRY9Gjtlsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 15080232447162834149
tpc.googlesyndication.com/simgad/ Frame 4C33 24 KB
24 KB 88ms
34ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15080232447162834149?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlU8gjkyiTzMA3LNLZclUeWClbnHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=600&slotname=8507188518&adk=2748055346&adf=1979441008&pi=t.ma~as.8507188518&w=300&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=300x600&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902226&bpp=1&bdt=1946&idt=166&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C578x280&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=959&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6f423c06d1c9088da5a775fcd362601c0a51aef9e3b0700da9c14c79608ea77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:48:13 GMT
x-content-type-options: nosniff
age: 317209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24674
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 00:57:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Jan 2025 23:48:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 4C33 23 KB
9 KB 58ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21D5 143 B
166 B 35ms
34ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=600&slotname=8507188518&adk=2748055346&adf=1979441008&pi=t.ma~as.8507188518&w=300&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=300x600&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902226&bpp=1&bdt=1946&idt=166&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C578x280&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=959&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=168
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 492E 247 B
867 B 83ms
27ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

98496b79704c01ce343d240997e121a9ab981e0d15bf5c2a2c14c42657d08de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-uig8TqrXXJYvEAberChqoA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4C33 3 KB
1 KB 73ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:21:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4C33 20 KB
9 KB 54ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C33 205 KB
65 KB 93ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:02 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4C33 36 KB
15 KB 81ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:30:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
expires: Sat, 27 Jan 2024 15:55:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4C33 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28c9addcceb9215ea7c1d4ef89d8ec38e3836f268576a8f035a6291f9cf51d84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 492E 5 KB
2 KB 19ms
19ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

263844eeed81478d7db56db874dd0969455ce7ef6478afaa403f79b5bd80b96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-f3aq7R7XQtCapPK-FKrIgQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 165 KB
56 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2236be0cb179a63955211c35a7b7f4bb90bb0d934bb1326c0cd8f22664fa92ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57007
x-xss-protection: 0
server: cafe
etag: 7324344240266353092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:02 GMT

GET
H2 200 16491007673620308585
tpc.googlesyndication.com/simgad/ Frame 8D0B 90 KB
90 KB 15ms
14ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16491007673620308585

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=280&slotname=9078034152&adk=1598601860&adf=3020769239&pi=t.ma~as.9078034152&w=578&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=578x280&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902225&bpp=1&bdt=1945&idt=157&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc117b26842f0096fc7677916c1dc9ef47ecc57bde43c694709b018c759bb91f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 17:50:59 GMT
date: Fri, 26 Jan 2024 17:50:59 GMT
x-content-type-options: nosniff
age: 79444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91885
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 10:41:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8D0B 23 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8D0B 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:21:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8D0B 20 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D0B 205 KB
65 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8D0B 36 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:30:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BDC0 143 B
166 B 8ms
8ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091741579438152&output=html&h=280&slotname=9078034152&adk=1598601860&adf=3020769239&pi=t.ma~as.9078034152&w=578&fwrn=4&fwrnh=100&lmt=1706370900&rafmt=1&format=578x280&url=https%3A%2F%2Fhealthybodynow.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706370902225&bpp=1&bdt=1945&idt=157&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2383819275781&frm=20&pv=1&ga_vid=1954819136.1706370902&ga_sid=1706370902&ga_hid=1433315605&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=341&ady=370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080534%2C31080619%2C44809530%2C95320868%2C95321626%2C95322164%2C95323006&oid=2&pvsid=2788842085618801&tmod=654301192&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=160
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4C33
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNskIVie1ZYKGGtmTiM0P64i0gAXMkOqVdc2u9qmEEhQQASDz2JgZYJXCk4KgB6AB7LPywAHIAQKoAwHIA8kEqgTTAU_Q_rq-HvrKnpK-Hj8_FgOpBPn1yocM1CJaxmNQHa-yyQ14FIGk15D...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211269785049246999537%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%2...

0
0

77ms
39ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211269785049246999537%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214655814806725820033%22}&andc=true

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11269785049246999537","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"14655814806725820033"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 15:55:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11269785049246999537","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"14655814806725820033"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame C684 51 KB
19 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 15:50:22 GMT

GET
DATA 200
OK truncated
/ Frame 8D0B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 424ce75f2b643e94d4395c44b4045bae8f57d06019fe5705ff02dd9781100f29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 121ms
45ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 1DA8 9 KB
4 KB 10ms
9ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 23:28:22 GMT
etag: 3890843268177463596
expires: Fri, 09 Feb 2024 23:28:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 8403 9 KB
4 KB 11ms
10ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 23:28:22 GMT
etag: 3890843268177463596
expires: Fri, 09 Feb 2024 23:28:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 57D6 9 KB
4 KB 11ms
10ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 23:28:22 GMT
etag: 3890843268177463596
expires: Fri, 09 Feb 2024 23:28:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame F969 9 KB
4 KB 12ms
11ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 23:28:22 GMT
etag: 3890843268177463596
expires: Fri, 09 Feb 2024 23:28:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BDC0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
expires: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8D0B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf3JfVie1ZdjnGeuyiM0PqJGomAWGrKGddZyigdThEqXVj5eNDhABIPPYmBlglcKTgqAHoAGqgvDcAcgBA6gDAcgDyYSAgASqBNwBT9DZfsKWN5cL_IAbi3XvZZNGgtfVq-K-SIaTIefc27U...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215854744906497072147%22,%22debug_reporting%22:true,%22destination%22:%22https://yoga-go.io%22,%22event_report_window%22:%2...

0
0

39ms
39ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215854744906497072147%22,%22debug_reporting%22:true,%22destination%22:%22https://yoga-go.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463208746%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217193697688459804785%22}&andc=true

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15854744906497072147","debug_reporting":true,"destination":"https://yoga-go.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463208746"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"17193697688459804785"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 15:55:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15854744906497072147","debug_reporting":true,"destination":"https://yoga-go.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463208746"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"17193697688459804785"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1DA8 4 KB
767 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 15:35:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1DA8 205 B
518 B 12ms
11ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:46:13 GMT
x-content-type-options: nosniff
age: 530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Jan 2025 15:46:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1DA8 604 B
696 B 13ms
13ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:35 GMT
x-content-type-options: nosniff
age: 318208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 23:31:35 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 1DA8 16 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:35:25 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 1DA8 22 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:31:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8403 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E5E 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8403 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:21:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8403 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:41:57 GMT

GET
H3 200 3549746075058518821
tpc.googlesyndication.com/simgad/ Frame 8403 24 KB
24 KB 20ms
19ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3549746075058518821?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkueHV3jiv_al0wgZX_YbP5qogJ4g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24fa31b642d387f4454f9163f717aace980486f1943d8d6a161a70cefb113cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 12:19:14 GMT
x-content-type-options: nosniff
age: 272149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24179
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 13:32:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Jan 2025 12:19:14 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8403 205 KB
65 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8403 36 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:30:27 GMT

GET
H3 200 3549746075058518821
tpc.googlesyndication.com/simgad/ Frame 57D6 24 KB
24 KB 14ms
14ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3549746075058518821?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkueHV3jiv_al0wgZX_YbP5qogJ4g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24fa31b642d387f4454f9163f717aace980486f1943d8d6a161a70cefb113cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 12:19:14 GMT
x-content-type-options: nosniff
age: 272149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24179
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 13:32:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Jan 2025 12:19:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 57D6 23 KB
9 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 056E 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 57D6 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:21:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 57D6 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57D6 205 KB
65 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 57D6 36 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:30:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F969 23 KB
9 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A979 143 B
166 B 15ms
10ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F969 3 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:21:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F969 20 KB
8 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:41:57 GMT

GET
H3 200 10728789867465864858
tpc.googlesyndication.com/simgad/ Frame F969 13 KB
13 KB 16ms
12ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10728789867465864858?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnWkd0mgj42zfk_8YA09ysSUv_ezg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3040f5be882fa636fd35281b3cf4a9c0d139ee434b9ee94acec110eb9e7c09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 17:51:11 GMT
x-content-type-options: nosniff
age: 79432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13543
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 09:09:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Jan 2025 17:51:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F969 205 KB
65 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F969 36 KB
15 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:30:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
39ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3437 2 KB
480 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 15:37:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 3437 2 KB
822 B 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 3437 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 11:54:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 3437 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 14:21:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 3437 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3437 205 KB
65 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H3 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 3437 37 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 01:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 01:15:52 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame A7FD 51 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 15:50:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E5E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
16ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
expires: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 056E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
16ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
expires: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F969 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 840d6f16fae5d9a3487a765855c13d23b745f451a30b6cfbc45df7e0d03d2b38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F969
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtxW-Vie1ZePXGaeTiM0PzuWc0A6hj86WdfSMs7GuErns7u6SDhABIPPYmBlglcKTgqAHoAGqgvDcAcgBAqgDAcgDyQSqBN0BT9BgBpZSMGmsgoFCr0x-j48kdtubkFoP8Dy8RhuLxoMTQfR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225866832729205137885%22,%22debug_reporting%22:true,%22destination%22:%22https://yoga-go.io%22,%22event_report_window%22:%22...

0
0

39ms
39ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225866832729205137885%22,%22debug_reporting%22:true,%22destination%22:%22https://yoga-go.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463208746%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221340435079370455713%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5866832729205137885","debug_reporting":true,"destination":"https://yoga-go.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463208746"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"1340435079370455713"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 15:55:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5866832729205137885","debug_reporting":true,"destination":"https://yoga-go.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463208746"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"1340435079370455713"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A979
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
17ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
expires: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8403 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 171d16248b4b2c018f5bfb8f848b1f9f639186f1d1c02f05473642614eecd1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E94 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 15:50:22 GMT

GET
DATA 200
OK truncated
/ Frame 57D6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1eb0a0e10f91abfa9ba896c046e72c81c15f33fe2accaa820f41cd0ed2f24d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8403
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CsCf5Vie1ZeHXGaeTiM0PzuWc0A7lo6OTdcLd773FEpOe9f0IEAEg89iYGWCVwpOCoAegAYyU3acoyAECqAMByAPJBKoE3AFP0LWk5g8Pb2rpuFtbJbIcdktjfsj9tRj3hKhFNSVJ2Ji55nb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228849783873805941325%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%2...

0
0

39ms
39ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228849783873805941325%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210820733452%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226795463285425343905%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8849783873805941325","debug_reporting":true,"destination":"https://fasteasy.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10820733452"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"6795463285425343905"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 15:55:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8849783873805941325","debug_reporting":true,"destination":"https://fasteasy.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10820733452"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"6795463285425343905"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7735 51 KB
19 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: healthybodynow.net
URL: https://healthybodynow.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 15:50:22 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9256 51 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 15:50:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
55ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b5be78e0ac88161ce44246cf1c473ee69cba28caa773198c7e9d5f0b7999d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12242
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 57D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTTYkVie1ZeLXGaeTiM0PzuWc0A7lo6OTdeqm64OnEpOe9f0IEAEg89iYGWCVwpOCoAegAYyU3acoyAECqAMByAPJBKoE3AFP0FZJbgOHVA1UOvmxW_pvawIWlKqvB27aF8qG3McH_PIt8Rn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225545577044992400771%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%2...

0
0

40ms
39ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225545577044992400771%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210820733452%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227472685611361937345%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5545577044992400771","debug_reporting":true,"destination":"https://fasteasy.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10820733452"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"7472685611361937345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 15:55:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 15:55:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5545577044992400771","debug_reporting":true,"destination":"https://fasteasy.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10820733452"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"7472685611361937345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame CB57 51 KB
19 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 15:50:22 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
40ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 15:55:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 15:55:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 849D 13 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 14:21:32 GMT
expires: Sun, 26 Jan 2025 14:21:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A624 829 B
561 B 20ms
20ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

048b5925f4c38dff4837339a33457254b1f997a471c8876412f4e1e7730e17fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W6cNAzHs5fkW-MkWLVIOvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://healthybodynow.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W6cNAzHs5fkW-MkWLVIOvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 15:55:03 GMT
expires: Sat, 27 Jan 2024 15:55:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 849D 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 14:21:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A624 0
0 169ms
169ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2788842085618801&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 849D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?glo6fA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 15:55:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D0B 42 B
64 B 162ms
162ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmM6Wxm63QJ5C_KS3T2Q2LgwcAxt_JG14BQK-sG50O45WETBogNksszThjeqRuOI12soPUsnmMO5NvgFdg0LJLod2Jm7aezNL_bOaIFXnd2OHGW5w2Y5nQ3BAjKnBx16qhPI1V_OPqgc2jsPaWr4WDSDzO&sai=AMfl-YQjMdTD9XqTJrDhnUZ9Ko___ggkbPkEBLMhF8P_HmsgnJrjo3qEo0Vjj64F9ixUT-m22PM9_Y-kJAaZQTqwjqQkz1vc80DIJoi5VM0Gb-aOkMxkq74LyVJt1_R4M4-YMMLwvIWcQ2YsECvrbAugoA&sig=Cg0ArKJSzG5Zthk7RlvEEAE&cid=CAQSTwAvHhf_rfP5_BLUaQn53EaaFgEvqRG6pJbCNzDO-Ma-z16JImRVrHtVHBY_IcpLQlllSJo4IosWN5wZzxXG3mJOcMKPZRJ63UVQ7HV2oVsYAQ&id=lidar2&mcvt=1032&p=0,121,280,457&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1598601860&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170637090300&rst=1706370902386&rpt=741&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 15:55:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 163ms
163ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2788842085618801&bg=!AgGlAU7NAAa8BdJLnAU7ADQBe5WfOBY7hyH3jSMJDdnGp7NritNq2c900xj1PD7AbFzXzIezDtBE8owzRAhH1oLUHslCAgAAADdSAAAAAWgBBwoAr-R1tPcSDNvWsA2KXVM-AIjyWfGd2rsL8rUs5U0lHnoZqXWjUKxElwtvNQQ0C4uFQC9Gkmv-Vc9kR2AxRujSHw-deTZ71jBtGtj-JPneu1HLoElu0AVEKluPmZww7omj_NldLh-orwnlwFgVHucgLcBUvDgzPNbaaggnwFqZsWICv1R10MjufKOnoj7JEdCQTfcZ7bughpXYQNK7fzWm3XIYlUFI1JO5guBFUgWJinCZAriATleSDvJ9PYsosQbkdrVwScCl0rol2qnNj15zNwNKJ7C8Cx20HP3gPTmjph-UgAlmIMTVa3mporZJklVyH9BxImu2lJfGuu3tcXplNd8KLEk56qtRtG1LG8p-udXLOVAfAaR2UIxLQLIxvqrxbmh2LKbcIus0DOfKJT3jRW8oWpEEtas8Tb7IGr_TD11w5OrdSnwQw0mF6KajheUjSd0lgg_8JoC0ubGq_7ny4os8kG1a196vmMBexjavVbt9PeDhp4mW4Ngc4e-r8j04ZxpHmWNRfXhnF1HY_porGntRZXvCBEJ1-uqlrgdHCZWYJeWBPwlAioj-R2yx2OHJPBtUWZFJ7hD2wsTGBcL7tomIhhTDYl8oThLEpr3l3ANGLU34BxaiRRYSC_n2RV2U7bOejHBGs7oz5ZVC1ErJ8SWNv0y2L_qPoFuZRGgfmHmAosJGZGlOcWfjn1YOFtzYdboC4ycVavLOChwvsoY-KZvpT-wsn1rzei91a8RHGmG-war5UNvfDJdbYgazTIk4720mmMdX_xYXrOJeGwYXwpZbgfk69Oahpnok47AsG9tvK9bZuIpHJmQPyP3hhGU_FrFrJ2mK02AcwjzxeEN2LJqcuo-4mzy6GeV2MqnDxheXPOD4jCa9pZVLt6B-0lZSz1fl6p54FQQvvQh7iQy4NhyZ-f4CK7fI7FYgQ8UjN45b-FI5eaCN5lfa01venfwvrUXNPKGN7mtPbBSwnyHU7DmWn7Zi5oI6c-feHsy9vmKfEEy1s4IMQ2qPGNTgbCb_iSwZlRxcXnTgt1BGIrNHZpXWe1F8PXRHtVrW5HtIMlTqySt_aYKyM13sKd4mCg3WIjGE_tIrSF6-BoRaCJrPX-Mhv7-m-J9XOB3K2Gx_z8O290_VmWPmlWxz_CmImBU4aYk69uPOL1d9A98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://healthybodynow.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8403 42 B
64 B 162ms
162ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHa11TXZGFpLUUGf9C7JSstLXHLRJyKoIsVwvQg2_w_r5wrKKy55POCwXej5_iVZx9gN6GXTYXon10BSwYZdFRPvadovhznNejAw1Aa2Rx3ebO8kxPIuvzmt-0R3CcMHsh6WLVEK0g5mWF0Ud4xjFUlRGG&sai=AMfl-YR630s11Co9ftvA9bbjbQ6dDUU7BIugyyfzHI_R3k_HN8xbAzS69ZV2-PAt-QjoJP6bRFgW72Zicx_A_SwhiIp377GPCiyG_iZyzIdUHCBnrOriai8diWnfMoOqlFzN9h2kji6sfDwXj2sHgbBf&sig=Cg0ArKJSzDenJlR86tiAEAE&cid=CAQSTgAvHhf_8T8f8R8Dm1lCRJvjhKIwk1VhNtHNqvqVaatbbPPwuHTB6yzqDU6Ub1OkuOFKxq9Ju4HKYRFZSy5SwwfxTuNZZ-BIkaJ5fTg6vhgB&id=lidar2&mcvt=1023&p=0,0,600,160&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170637090300&rst=1706370903082&rpt=162&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 15:55:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 57D6 42 B
64 B 166ms
166ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGE1mJxUOurBMeEmfuW6XXwckJclLTHHRJTv_rLGAwyA29poZ6ue8XpKB54wP-BT6SMczmdfW2z3Nvid8_bYcgxnjZkv3-MTkizaUDx5tm21RIV_vaGD8ZV9TYJrEvxJGqA1oQPQ7msOLHAseFSk-T16-D&sai=AMfl-YRc9d1pwSP9XBPVyQ-Wv03I1aPkSqcfpT3r91BSZXYfPWXyRRPV5XqGDEVn57D3HUWZUDEJ5eBgzclDwy2W-u586NgrDRj6A1oB7IRg_bAOpJp3hhFUa76XGseRARh13qQmkI9nNeyqYz4s2qDG&sig=Cg0ArKJSzHm-czrexPXnEAE&cid=CAQSTgAvHhf_8T8f8R8Dm1lCRJvjhKIwk1VhNtHNqvqVaatbbPPwuHTB6yzqDU6Ub1OkuOFKxq9Ju4HKYRFZSy5SwwfxTuNZZ-BIkaJ5fTg6vhgB&id=lidar2&mcvt=1029&p=0,0,600,160&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170637090300&rst=1706370903083&rpt=184&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 15:55:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F969 42 B
64 B 163ms
162ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHKXN5t919NJT-1y6ChZGdD9d0B3r_GRTVcTHo4yjwpj3ebE_BXGNKhn4jbEhhORVu3Kg4qXKw_QtR3O9uoh9eYinypQMiN43gpVfZ_iSVbma4mv9JYpKFXF9VbbQMirNpq0yP-cMNqFWUgOw6xLUxoz5f&sai=AMfl-YSaXKsQzA3wCBaeJPaNLKz1UoslBh8_MUS9pwqu0VFszj2ZH7-6-E0j5Ea0uqysJg3quO-_Ax6aVPoY4nnwKEop3i1kvcNzGieejQGAfrSHDpVHNkbtmPBADE8xqP2vX-joLTTuJTYSkia1s709&sig=Cg0ArKJSzIYq1R24ZAKWEAE&cid=CAQSTgAvHhf_8T8f8R8Dm1lCRJvjhKIwk1VhNtHNqvqVaatbbPPwuHTB6yzqDU6Ub1OkuOFKxq9Ju4HKYRFZSy5SwwfxTuNZZ-BIkaJ5fTg6vhgB&id=lidar2&mcvt=1021&p=0,0,124,1005&mtos=134,833,1021,1129,1281&tos=134,699,188,108,152&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170637090300&rst=1706370903083&rpt=194&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 15:55:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-22WYZ2WQNJ&gtm=45je41o0v9116177555&_p=1706370900332&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1954819136.1706370902&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1706370902&sct=1&seg=0&dl=https%3A%2F%2Fhealthybodynow.net%2F&dt=Healthy%20Body%20Now&_s=2&tfd=13078
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22WYZ2WQNJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://healthybodynow.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 15:55:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://healthybodynow.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.healthybodynow.net/	1970-01-21 03:35:30	Name: _ga Value: GA1.1.1954819136.1706370902
.healthybodynow.net/	1970-01-21 02:45:06	Name: cf_clearance Value: TUaymcjdpI7dMfX9sj94byxCzjjosSNQjcWbejNATQk-1706370902-1-AevpVrqmTlLAiWbWIZGZwi7A2AXKO+wctgeCfw6N0VSmeGoB6VnZ05s30n9aMb45t1F643/NsKKrFBAnKuabwks=
.healthybodynow.net/	1970-01-21 03:21:06	Name: __gads Value: ID=ef0415f1879758dc:T=1706370902:RT=1706370902:S=ALNI_Mbmb2zQzoLX_dCk-sP7BGnlkBhXoQ
.healthybodynow.net/	1970-01-21 03:21:06	Name: __gpi Value: UID=00000d4ab6309b27:T=1706370902:RT=1706370902:S=ALNI_MaCZKgswt63FpVwb_9LXv33Ji51FQ
.doubleclick.net/	1970-01-20 17:59:34	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:21:06	Name: IDE Value: AHWqTUmRGi1xZsv1ZlPA84_twiw4geIurJjMzJaC2g7xHy-oN7tO1ulnd0nFGq35egA
.googleadservices.com/	1970-01-20 20:09:06	Name: ar_debug Value: 1
.healthybodynow.net/	1970-01-21 03:35:30	Name: _ga_22WYZ2WQNJ Value: GS1.1.1706370902.1.0.1706370903.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
healthybodynow.net
healthybodynowtoday.com
p4-gao3bwe2csolw-6xzmrmew2ltzdizd-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
142.250.186.163
2001:4860:4802:34::36
2606:4700:3030::6815:44a4
2606:4700:3108::ac42:2b28
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
000c133973f51958c22e3af6b87d89d211aebb30a33296299bcfb1b03a808896
048b5925f4c38dff4837339a33457254b1f997a471c8876412f4e1e7730e17fb
06ea2d81eebc9a8ed398db5d77899dfb2d10375a23e12e56452448c6aeef97d7
0949a0450b9ec9be732378d75f9f0dd76362598ce231136a2ca2bb5f6539b344
11ce1933897350f3113dc8399ea6541530e503805d648a618a84d3c336ff8dde
171d16248b4b2c018f5bfb8f848b1f9f639186f1d1c02f05473642614eecd1f8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
197b27b3c6db8eae65673a8c3d94cf40f3a8e19484df0efeaf672baf192cce5c
19e91a27614dce94a42f205cb6cf65044b60a354a7306b8bb51f97256d2be17f
1b5be78e0ac88161ce44246cf1c473ee69cba28caa773198c7e9d5f0b7999d88
1e253518d250e7e23807059255a6377f2ffe6172b8bf9f2f8a61c54fa5f54d3a
1e3eb2ee0d006f9d256e1796ccb35b06e859debf4c7711c7e17da589fcce653e
1f4b0be006aea378c3b049d356d304cea0774183fdb920c6242ad813b852b8e7
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
216296422421408062bb279dc4f12a0c8a26f3a952f91a2c89fa5d7f5d71ccac
2236be0cb179a63955211c35a7b7f4bb90bb0d934bb1326c0cd8f22664fa92ec
263844eeed81478d7db56db874dd0969455ce7ef6478afaa403f79b5bd80b96e
28c9addcceb9215ea7c1d4ef89d8ec38e3836f268576a8f035a6291f9cf51d84
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
424ce75f2b643e94d4395c44b4045bae8f57d06019fe5705ff02dd9781100f29
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48280dd8e523275dc717ff178add4768aae6b48eda499fb73a20e23a330af6ab
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f7d3c20fea3123fffb9a1c9a7c2948225863cfe39cb1d60c000b200a90cf351
50f778d709432b89f1f8a3a9a90984c3d64192b57519e6b4da6766974c80e371
528885843a33c978d355be55c1d57337f34858ffb8fb6eecb7455d6c9d891113
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bb1b0f36fafb317840a9fbe6fb33b7f9a2700f10121a94ce1056e70a385b1a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61de59b294452b90e690a803447be6c5ae6886bf5ef903b9dc5e616ade96a742
6831a1b7026dd6a61e75f38ada59c5c87ffcf0c4fdca13e154a81c1c69cf4f26
69214763ac9527788e9dc6f548392c74ee2c3200b276bd95cc7eb9045335456b
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6acf9a9d7539db1deb015db2d02d3985e66a486d71487d6a0fd3af983d340d7e
6b9063c764521ee9c75f2d52dc2a07f20cef202f9750237b0af1ddd583b77b11
6c2ebf65fdce2a9cdeac7d46bc165e84aa39be4d871b9daff42dc33ca254bb77
715b45b42f7582a7fd0d5f5a176c1b5596806b06bd381a9cd04ac584fa46a383
7c69a500e2b02e975fa412057296c6796d506ad03ba8f86d8ff8e93d8dd062f4
840d6f16fae5d9a3487a765855c13d23b745f451a30b6cfbc45df7e0d03d2b38
8592c8414f1a96b789c4118ca1e1e4dfb8f04738c610e88ec88cb8c55f645093
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
95acdda7ba2b8f094d5a109749820dc5df06027fef0f8cc3af62c5ac0d634bfc
98496b79704c01ce343d240997e121a9ab981e0d15bf5c2a2c14c42657d08de9
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a5f5f7768bfec3c16089897e45f939a84b744f5576852e2d003d8df1da565e08
a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3
ab9a2df00eb4d27722f84a297ee57d5c4058d129ee3bde2e08180ee97bceff0b
b13c6367eab9392669551bb71fa0cc2eba7cf1b51d7d2ac7cfa4d29911547e8e
b2a06c30618dbec91ec4ef6c4d27414e305a199254e61489a50cbbd666a60c12
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
bd57556526d03175f576494494c787d8d33553c8bd6c7a76462a1b4937612d05
c1051b0bb0b9af42b6a1fa4ee04ad0cdfdcb69ae68f600d315a38ac5323cd636
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c3040f5be882fa636fd35281b3cf4a9c0d139ee434b9ee94acec110eb9e7c09c
c7b696f92d6d8217a3616faea717671ce28548fcf42c86904e988e45acfe732e
c821e8859e4d735435771cb09d559b05e4b0b6e00baede7fb6c6555c1485a0f9
ca82d172f9366a01881c54f9d8cf5d9320c32feed78de88803ec3c9223931e83
cc117b26842f0096fc7677916c1dc9ef47ecc57bde43c694709b018c759bb91f
d24fa31b642d387f4454f9163f717aace980486f1943d8d6a161a70cefb113cb
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
da0363b6da219bf9930e1a4317fe7293acb670841b46f5d0990f84939e8c9688
e1eb0a0e10f91abfa9ba896c046e72c81c15f33fe2accaa820f41cd0ed2f24d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e8ea443726f237b3686a9a00f70333c65766217e28720ac4956971c47bac7b45
e9cc5fe47185072f83f7cdf06c1783d2b90802f6d32c4b13ef7a60f91981cdba
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f423c06d1c9088da5a775fcd362601c0a51aef9e3b0700da9c14c79608ea77

healthybodynow.net Open in urlscan Pro 2606:4700:3108::ac42:2b28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

94 %HTTPS

87 %IPv6

11 Domains

15 Subdomains

15 IPs

2 Countries

4959 kBTransfer

8034 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

healthybodynow.net Open in urlscan Pro
2606:4700:3108::ac42:2b28 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

94 %
HTTPS

87 %
IPv6

11
Domains

15
Subdomains

15
IPs

2
Countries

4959 kB
Transfer

8034 kB
Size

8
Cookies

138 HTTP transactions
5 data transactions