brainsupport.healthrology.live Open in urlscan Pro
13.214.5.92  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response brainsupport.healthrology.live/	55 KB 11 KB	517ms 171ms	Document text/html	13.214.5.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.214.5.92 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-214-5-92.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 71eb4a54d1c1edfed53227c5041b4c0b5ef14552f076ca1b30aa3249a2571bed Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server openresty date Thu, 17 Feb 2022 16:04:45 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 statuscode 200 content-encoding gzip
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	204ms 108ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular&display=swap Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 57f5185dcdaa1855fcb24eb68ecc3749decde63896d586c8b82cf819012a47eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Feb 2022 16:04:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Feb 2022 16:04:45 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Feb 2022 16:04:45 GMT
GET H2	200	ladipage.vi.min.js Show response w.ladicdn.com/v2/source/	318 KB 79 KB	82ms 8ms	Script text/javascript	89.187.169.15 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1645065320457 Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-632.bunnyinfra.net Software BunnyCDN-DE1-632 / Resource Hash 8bc38f88ab68d8c09cf93d9c0ea13a6ea696f9012a2eaf3cb28fa6157e299246 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers cdn-storagebalancer NY-266 date Thu, 17 Feb 2022 16:04:45 GMT content-encoding br cdn-edgestorageid 756 perma-cache HIT cdn-storageserver SG-76 cdn-cachedat 02/17/2022 02:46:04 cdn-pullzone 575124 cdn-requestpullcode 200 server BunnyCDN-DE1-632 last-modified Thu, 17 Feb 2022 02:40:14 GMT cdn-proxyver 1.02 cdn-fileserver 233 etag W/"620db58e-4f98f" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid 5451b6b0d7a433affa31f477e72b5532 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	101 KB 40 KB	188ms 81ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-614176184 Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e0fcf6625b66dac89a70b42ae25009abd54286e45a5ab7514697942e9bc525ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 17 Feb 2022 16:04:45 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40727 x-xss-protection 0 last-modified Thu, 17 Feb 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 17 Feb 2022 16:04:45 GMT
GET H2	200	ladipage.min.css w.ladicdn.com/v2/source/	66 KB 9 KB	20ms 19ms	Stylesheet text/css	89.187.169.15 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.min.css?v=1645065320457 Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-632.bunnyinfra.net Software BunnyCDN-DE1-632 / Resource Hash cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers cdn-storagebalancer NY-267 date Thu, 17 Feb 2022 16:04:45 GMT content-encoding br cdn-edgestorageid 565 perma-cache HIT cdn-storageserver SG-76 cdn-cachedat 02/17/2022 02:56:37 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-DE1-632 access-control-allow-origin * last-modified Thu, 17 Feb 2022 02:40:15 GMT cdn-proxyver 1.02 cdn-fileserver 233 etag W/"620db58f-1071b" vary Accept-Encoding, Accept-Encoding content-type text/css cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestid 8279ac977271d4850ca65c477e54ef06 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	2-2.jpg w.ladicdn.com/s1440x1194/57b167c9ca57d39c18a1c57c/	159 KB 160 KB	12ms 12ms	Image image/jpeg	89.187.169.15 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1440x1194/57b167c9ca57d39c18a1c57c/2-2.jpg Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-632.bunnyinfra.net Software BunnyCDN-DE1-632 / Resource Hash 2389fe1f0966b65dfa66120af0366dbc72e5d52d5f7753680d2d469a789d5101 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 17 Feb 2022 16:04:45 GMT cdn-edgestorageid 756 perma-cache HIT cdn-storageserver NY-266 cdn-cachedat 02/17/2022 09:58:48 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 163151 server BunnyCDN-DE1-632 access-control-allow-origin * last-modified Fri, 14 Jan 2022 05:11:26 GMT cdn-proxyver 1.02 cdn-fileserver 208 etag "61e105fe-27d4f" content-type image/jpeg cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid 5536c06a7ad3eece104d8ae44b3de5e6 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	usa-1-oxugymevisvdn4uyfi7wnx7dkhbqgyo22gowqumzu0-20201209042703.png w.ladicdn.com/s450x450/5e44e9d245013e3a13c7ab3f/	9 KB 10 KB	11ms 11ms	Image image/png	89.187.169.15 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s450x450/5e44e9d245013e3a13c7ab3f/usa-1-oxugymevisvdn4uyfi7wnx7dkhbqgyo22gowqumzu0-20201209042703.png Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-632.bunnyinfra.net Software BunnyCDN-DE1-632 / Resource Hash 87159e954a2fbd90e02c68fd7b3bebbe66336925966b944f75a43f860866618d Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 17 Feb 2022 16:04:45 GMT cdn-edgestorageid 601 perma-cache HIT cdn-storageserver NY-106 cdn-cachedat 01/14/2022 09:24:35 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 9179 server BunnyCDN-DE1-632 access-control-allow-origin * last-modified Fri, 14 Jan 2022 05:09:23 GMT cdn-proxyver 1.02 cdn-fileserver 267 etag "61e10583-23db" content-type image/png cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid 082d93e4333e5f9e978e419ba043741d accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	earth-oxugymevisvdn4uyfi7wnx7dkhbqgyo22gowqumzu0-20201209042655.png w.ladicdn.com/s450x450/5e44e9d245013e3a13c7ab3f/	14 KB 15 KB	28ms 27ms	Image image/png	89.187.169.15 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s450x450/5e44e9d245013e3a13c7ab3f/earth-oxugymevisvdn4uyfi7wnx7dkhbqgyo22gowqumzu0-20201209042655.png Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-632.bunnyinfra.net Software BunnyCDN-DE1-632 / Resource Hash 1866994a6d53787cc6969fe1ead960a3e96d0af9cea0c01bc262fa49e0c2fb73 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 17 Feb 2022 16:04:45 GMT cdn-edgestorageid 601 perma-cache HIT cdn-storageserver NY-106 cdn-cachedat 01/14/2022 09:44:48 cdn-pullzone 575124 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match content-length 14363 server BunnyCDN-DE1-632 access-control-allow-origin * last-modified Fri, 14 Jan 2022 05:09:28 GMT cdn-proxyver 1.02 cdn-fileserver 205 etag "61e10588-381b" content-type image/png cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestpullcode 200 cdn-requestid 014daea6226fb6b55e656636c16cfc11 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
OPTIONS H2	200	event a.ladipage.com/	0 0	655ms 218ms	Preflight application/json	13.251.34.212 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.251.34.212 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-251-34-212.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Origin https://brainsupport.healthrology.live User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers date Thu, 17 Feb 2022 16:04:46 GMT content-type application/json; charset=utf-8 x-frame-options SAMEORIGIN x-xss-protection 0 x-content-type-options nosniff x-download-options noopen access-control-allow-origin * access-control-allow-methods POST, OPTIONS access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-max-age 2592000 vary Accept-Encoding content-encoding gzip
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v23/	30 KB 30 KB	278ms 159ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://brainsupport.healthrology.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 08:55:44 GMT x-content-type-options nosniff age 112142 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30876 x-xss-protection 0 last-modified Thu, 03 Feb 2022 00:11:59 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 16 Feb 2023 08:55:44 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/	44 KB 44 KB	192ms 75ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Montserrat:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://brainsupport.healthrology.live Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 00:14:34 GMT x-content-type-options nosniff age 143412 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 16 Feb 2023 00:14:34 GMT
POST H2	200	event Show response a.ladipage.com/	106 B 632 B	223ms 222ms	XHR text/plain	13.251.34.212 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1645065320457 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.251.34.212 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-251-34-212.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers LADI_CLIENT_ID 6fdb03bf-1983-46ce-72de-0a3ebf0b920d LADI_CAMP_ORIGIN_URL LADI_CAMP_ID Accept-Language de-DE,de;q=0.9 LADI_CAMP_FORM_SUBMIT 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 LADI_FORM_SUBMIT 0 LADI_CAMP_NAME Content-Type application/json Referer https://brainsupport.healthrology.live/ LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 LADI_PAGE_VIEW 1 LADI_CAMP_TYPE Response headers date Thu, 17 Feb 2022 16:04:46 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	318ms 107ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-614176184 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 17 Feb 2022 16:04:46 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14879 x-xss-protection 0 server cafe etag 17635014576153706337 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 17 Feb 2022 16:04:46 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/614176184/	2 KB 2 KB	263ms 93ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/614176184/?random=1645113886462&cv=9&fst=1645113886462&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbrainsupport.healthrology.live%2F&tiba=HealthCareS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cb2a95a4402ab8b9ff65a7fdfec8f4c09530a7b8724d7278baf778a182b05189 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 17 Feb 2022 16:04:46 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1032 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/614176184/	2 KB 1 KB	263ms 94ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/614176184/?random=1645113886464&cv=9&fst=1645113886464&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3DScrollDepth_100_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dbrainsupport.healthrology.live%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fbrainsupport.healthrology.live%2F&tiba=HealthCareS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e9f65af820c8f9a86f48026415ddfe42a02a1e83dd6f87f203f46e20522b4a8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 17 Feb 2022 16:04:46 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1086 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/614176184/	42 B 108 B	245ms 67ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/614176184/?random=1645113886462&cv=9&fst=1645113600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbrainsupport.healthrology.live%2F&tiba=HealthCareS&async=1&fmt=3&is_vtc=1&random=613700328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 17 Feb 2022 16:04:46 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/614176184/	42 B 108 B	232ms 62ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/614176184/?random=1645113886462&cv=9&fst=1645113600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbrainsupport.healthrology.live%2F&tiba=HealthCareS&async=1&fmt=3&is_vtc=1&random=613700328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 17 Feb 2022 16:04:46 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/614176184/	42 B 548 B	241ms 65ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/614176184/?random=1645113886464&cv=9&fst=1645113600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3DScrollDepth_100_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dbrainsupport.healthrology.live%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fbrainsupport.healthrology.live%2F&tiba=HealthCareS&async=1&fmt=3&is_vtc=1&random=813997833&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 17 Feb 2022 16:04:46 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/614176184/	42 B 548 B	229ms 61ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/614176184/?random=1645113886464&cv=9&fst=1645113600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3DScrollDepth_100_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dbrainsupport.healthrology.live%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fbrainsupport.healthrology.live%2F&tiba=HealthCareS&async=1&fmt=3&is_vtc=1&random=813997833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: brainsupport.healthrology.live URL: https://brainsupport.healthrology.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brainsupport.healthrology.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 17 Feb 2022 16:04:46 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| gtag object| dataLayer function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp object| google_tag_manager object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			brainsupport.healthrology.live/	1970-01-23 16:34:33	Name: LADI_DNS_CHECK Value: "2022-02-17 16:04:45.588581405 +0000 UTC m=+2124287.676127077"
			brainsupport.healthrology.live/	1970-01-23 16:34:33	Name: LADI_CLIENT_ID Value: 6fdb03bf-1983-46ce-72de-0a3ebf0b920d
			brainsupport.healthrology.live/	1970-01-23 16:34:33	Name: LADI_FORM_SUBMIT Value: 0
			brainsupport.healthrology.live/	1970-01-23 16:34:33	Name: LADI_PAGE_VIEW Value: 1
			brainsupport.healthrology.live/	1970-01-20 01:00:00	Name: _timenow Value: 1645113885911
			.healthrology.live/	1970-01-20 03:08:09	Name: _gcl_au Value: 1.1.1415674566.1645113886
			.doubleclick.net/	1970-01-20 00:58:34	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
brainsupport.healthrology.live
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
w.ladicdn.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.214.5.92
13.251.34.212
142.250.185.98
2a00:1450:4001:803::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2008
89.187.169.15
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
1866994a6d53787cc6969fe1ead960a3e96d0af9cea0c01bc262fa49e0c2fb73
2389fe1f0966b65dfa66120af0366dbc72e5d52d5f7753680d2d469a789d5101
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
57f5185dcdaa1855fcb24eb68ecc3749decde63896d586c8b82cf819012a47eb
71eb4a54d1c1edfed53227c5041b4c0b5ef14552f076ca1b30aa3249a2571bed
87159e954a2fbd90e02c68fd7b3bebbe66336925966b944f75a43f860866618d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bc38f88ab68d8c09cf93d9c0ea13a6ea696f9012a2eaf3cb28fa6157e299246
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cb2a95a4402ab8b9ff65a7fdfec8f4c09530a7b8724d7278baf778a182b05189
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
e0fcf6625b66dac89a70b42ae25009abd54286e45a5ab7514697942e9bc525ff
e9f65af820c8f9a86f48026415ddfe42a02a1e83dd6f87f203f46e20522b4a8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629