www.med-health.net Open in urlscan Pro
2606:4700:3031::ac43:b712 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://med-health.net/
Effective URL:
http://www.med-health.net/
Submission: On November 01 via manual (November 1st 2022, 11:12:09 pm UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3031::ac43:b712, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.med-health.net.

This is the only time www.med-health.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:2411	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:303... 2606:4700:3031::ac43:b712	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1 1	18.158.130.124 18.158.130.124	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
102	18

1 2606:4700:3034::6815:2411 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

med-health.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3031::ac43:b712 (United States)

ASN13335 (CLOUDFLARENET, US)

www.med-health.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.130.124 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-130-124.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	518 KB
30	med-health.net 1 redirects med-health.net www.med-health.net	472 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	111 KB
8	gstatic.com www.gstatic.com p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com	32 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	141 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 922	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5594	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	457 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2255	351 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 899	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 913	761 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 989	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	699 B
102	17

	Domain	Requested by
29	www.med-health.net	www.med-health.net
18	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	pagead2.googlesyndication.com	www.med-health.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.med-health.net googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.med-health.net www.google-analytics.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	med-health.net	1 redirects
102	22

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://www.med-health.net/
Frame ID: 3CFDAB204A25072FFABE09FD10894A92
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html
Frame ID: 859261E7DA3838ED648621648304F815
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&adk=1812271804&adf=3025194257&lmt=1667344323&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.med-health.net%2F&ea=0&pra=5&wgl=1&dt=1667344322997&bpp=4&bdt=336&idt=255&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6015416803606&frm=20&pv=2&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: 6619F0D27271E04419467FF119C546B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9
Frame ID: 3FA42B44E006FBF4794A9493055DC1FE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Frame ID: 517AEE0E8C87F2822F899D96280C855A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Frame ID: 24C2560A733FBF0B582D5CD6DBB38393
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B41F752380B9BCDF3486B4F215281B91
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019
Frame ID: 5AA40576EB381512933402236A9B9D2E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AA29EA68724B8F7F049B592DB84F8AEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B380BD97B6B54BD6309AE59F6031220
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: B857A4A93CF4C2DC27485E9482CCF43A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: C1169BF9FA139D6F9E2890960CD06901
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E29428AC78C6AD6F64BD556539835583
Requests: 2 HTTP requests in this frame

Frame: https://p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: B8E40679FA8AE8EC2018E75D9AFC28C2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C1FA0C5155048E83EDE51ED2E1D30DD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 83D5BF93188D9B6DDF65E78B5E254517
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Med-Health.net | Med-Health.net

Page URL History Show full URLs

http://med-health.net/ HTTP 301
http://www.med-health.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

102
Requests

66 %
HTTPS

64 %
IPv6

17
Domains

22
Subdomains

18
IPs

4
Countries

1298 kB
Transfer

3072 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://med-health.net/ HTTP 301
http://www.med-health.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://d.agkn.com/pixel/2175/?google_gid=CAESEOY4xlZMCHLBNbCrBUNttEI&google_cver=1&google_push=AZmPxg_OjiM26ktYBKnlXL6oEJm2EhgMZWfyv1VYsC4vOFB_CaFvHq44sU39H-hfvchStd_0x4STTqWbTvyp8FI1j9Xa3JeqBo9d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_OjiM26ktYBKnlXL6oEJm2EhgMZWfyv1VYsC4vOFB_CaFvHq44sU39H-hfvchStd_0x4STTqWbTvyp8FI1j9Xa3JeqBo9d&google_hm=Q0FFU0VPWTR4bFpNQ0hMQk5iQ3JCVU50dEVJ

Request Chain 94

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPkxrgGP_PEcSvOcrCN7CXo&google_cver=1&google_push=AZmPxg9UIzjntQyGb4sQamRU8nsklVBf1nxkfidlk0Tu2Jf9bgFhwdKzLmYFkl8k5t1b0ZwBBE7CmPg1iVQ6tAq7uvQNtBfZX8I HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPkxrgGP_PEcSvOcrCN7CXo&google_cver=1&google_push=AZmPxg9UIzjntQyGb4sQamRU8nsklVBf1nxkfidlk0Tu2Jf9bgFhwdKzLmYFkl8k5t1b0ZwBBE7CmPg1iVQ6tAq7uvQNtBfZX8I&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6vmLs-E0Tg-y2ax6OrS1dw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9UIzjntQyGb4sQamRU8nsklVBf1nxkfidlk0Tu2Jf9bgFhwdKzLmYFkl8k5t1b0ZwBBE7CmPg1iVQ6tAq7uvQNtBfZX8I

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKH6NYY6ISlRn-lwGMbCW-M&google_cver=1&google_push=AZmPxg_dIJ2xnq9GBN01hI655tzQQ7VZKgBC5nvtlpaX9iFsIeBl5zjEfZ6I8R62xktMGEDHjzwmh8fRD9_YhfchPQTfOu7aLmAb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZVFJGREktWi1JWVhJ&google_push=AZmPxg_dIJ2xnq9GBN01hI655tzQQ7VZKgBC5nvtlpaX9iFsIeBl5zjEfZ6I8R62xktMGEDHjzwmh8fRD9_YhfchPQTfOu7aLmAb

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_cver=1&google_push=AZmPxg_Bubp7Uf99EyBR84ct7pn8voyt99G8ydj8M7DHrX2milCaSZuukCuvmYT3KvKqDrdPEY7LDx2bHxEgVs4C0W3WIjYIGaUY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_push=AZmPxg_Bubp7Uf99EyBR84ct7pn8voyt99G8ydj8M7DHrX2milCaSZuukCuvmYT3KvKqDrdPEY7LDx2bHxEgVs4C0W3WIjYIGaUY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_hm=Y2GnxdgQIpd3o8IdRRWtFQAAFA8AAAAB&google_nid=index&google_push=AZmPxg_Bubp7Uf99EyBR84ct7pn8voyt99G8ydj8M7DHrX2milCaSZuukCuvmYT3KvKqDrdPEY7LDx2bHxEgVs4C0W3WIjYIGaUY

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.med-health.net/
Redirect Chain

http://med-health.net/
http://www.med-health.net/

27 KB
7 KB

654ms
462ms

Document
text/html

2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50c12f9e171d9eec0e0354b04881d83d25b38d36f99ab2feeca5e4ad39cd20e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7638501ccefe9176-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Nov 2022 23:12:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9%2FUCsJNOcsGlVzLLVyfHdq0Y9PvHrnwQRoDKgF9qYe4N5r%2FdITRaGpd1VSjwkrIcbERQxK211V%2BLsFqrJctSK1OuVu58n9Ct1fbDVFhGcI1VB8%2FY4p3L8ySjIgeEFjjpBjACQRDL%2Fd11u9N3ZQ1zNg%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7638501759e5bbfd-FRA
Connection: keep-alive
Content-Type: text/html
Date: Tue, 01 Nov 2022 23:12:01 GMT
Location: http://www.med-health.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hfD5okyQDC0wYKuwGB4RVNs0RH15U1ynT8mwDpucCx99tAchj1DozuSw4mtS7OF1XIfZnIWf1buf3QaY0em768%2FLYB0ydimObK5CwkXPC84NKpfRqagXPKOAKc2pAUogA4DqXoJAIbvSD9Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.css
www.med-health.net/themes/med-health/css/ 58 KB
10 KB 17ms
16ms Stylesheet
text/css 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/themes/med-health/css/jquery-ui-1.9.2.custom.css
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9508e6f157649c0de0b5489f2053a45f21b53eec174be185c149bf138a158ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 233134
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: W/"565ee357-e95c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCFF1x7GVXgS2UAm4YvkD%2Fc3HsMV%2BkGbql46xkLC6gAjeDlf6BIVv9oNy1siHJIBallGAUNnJOisSp5JRfrNNVD6kHTNdVueafv26AV1GtD2cNpFUsgqD2LehIttPQ4c1qu%2FJuvBF1wGpVn08oanr7U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=604800
CF-RAY: 76385020ad529176-FRA
Expires: Sun, 06 Nov 2022 06:26:28 GMT

GET
H/1.1 200
OK main.css
www.med-health.net/themes/med-health/css/ 38 KB
9 KB 47ms
31ms Stylesheet
text/css 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/themes/med-health/css/main.css
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7b3e24de9d41a5358a1a1607dfcc35db815fdd6871d98e54cabdc02710c85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 233134
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 21 Mar 2016 02:13:13 GMT
Server: cloudflare
ETag: W/"56ef58b9-9962"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBi90n5HKsDcS4HDucPvOzHNbU8fPpWGvlJbu6dRWUetzR1h%2Bqm4E5LCFC5yiMEqT3jU8SmrZli6Q2bSuYcvsJAjGQbpxqrNNsif1R3F7dmFa0ArGAVsYdjvqOE0C9YfN27lraMF%2BEC8hl39A2V1WG8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=604800
CF-RAY: 76385020bc609186-FRA
Expires: Sun, 06 Nov 2022 06:26:28 GMT

GET
H/1.1 200
OK flexslider.css
www.med-health.net/themes/med-health/css/ 3 KB
2 KB 48ms
32ms Stylesheet
text/css 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/themes/med-health/css/flexslider.css
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f2ee5f3e0d4a5f486d1c59a15d0c0c33c4be58fe0c52b778ad0b5836005f6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 247247
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: W/"565ee357-ce3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVcEiS2rBvvsN4HwqiRpyLUSVSUEdpt%2BQwnAIGh391Cf8x%2FREbK5EdMnyQlHDqruwoxV%2B%2F%2FfqtVM%2F1Wn30LJ96YZYUAyxx6vZW5PsrEsqHuWCZSEFp3LexVRSKrJ7raMfyevCEsJ0oa0GkyCKtM6%2Ftc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=604800
CF-RAY: 76385020bd899006-FRA
Expires: Sun, 06 Nov 2022 02:31:14 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
58 KB 146ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.med-health.net
URL: http://www.med-health.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c283c76ccc10b51539f0aae203603588cab6beae9ec832f4004d741cedfa5906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 58269
X-XSS-Protection: 0
Server: cafe
ETag: 18157336334895578121
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 01 Nov 2022 23:12:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 192ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8644718515741361

Requested by

Host: www.med-health.net
URL: http://www.med-health.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab45ee6020b00217f4ccfdcb1713e3967a069e13d2bbac4f0820cd3701a147b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Origin: http://www.med-health.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55474
x-xss-protection: 0
server: cafe
etag: 11844014192541948600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:12:02 GMT

GET
H/1.1 200
OK 1422206917.jpg
www.med-health.net/sliders/ 23 KB
24 KB 560ms
513ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1422206917.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ae0a90f943df3192a8f1d634239a7e17e776140885ea450ddb720f45543294

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 23541
Last-Modified: Wed, 22 Apr 2015 22:51:46 GMT
Server: cloudflare
ETag: "55382602-5bf5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ob2BcGg9hEI89gr7YWURpJEyJNXfq6PiNybeBjt53pqS9INwjxcFGvwUd2HwsvBsEjy%2B6CcfL5c65mXdYHkfeNiKAwpIvjuVm%2F%2BgszHG%2FToH%2BhXoP1z%2BvEkvuDk81E7XzNyc0CyBXJddz7O7ZxAEIL8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 76385021498f9226-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1466587280.jpg
www.med-health.net/sliders/ 40 KB
41 KB 564ms
516ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1466587280.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a853b37ec9808762b60c2021b8ae558ef4b7784f27b00ec7d75054faa32fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 40837
Last-Modified: Wed, 22 Jun 2016 09:21:20 GMT
Server: cloudflare
ETag: "576a5890-9f85"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZbtIGSh8PJVHW8pT0TLNZ%2Bq53WLTlpAgY4RmCusETHv0Skv9n4164tAW9OBW5uDk8bV%2FmP74XTmoFbFZeNCHaYZeSDHJ6MKp%2F0mZ%2FqUZsyY1b2Z%2FoZlPUPSO4HqE4C8apHRYYjDg4JgqAwjLvG%2Fe%2Fs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850214a27bbc1-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1466587292.jpg
www.med-health.net/sliders/ 56 KB
56 KB 701ms
678ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1466587292.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1bebebe81143131b13f42b81ebde8e1e69b5d41af455db3c5e8e5c4dedb82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 56837
Last-Modified: Wed, 22 Jun 2016 09:21:32 GMT
Server: cloudflare
ETag: "576a589c-de05"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXHxvUv2OXttGWpCoCD%2BmJI3EZP%2BL%2Fi1v48Pkd%2B%2BYvWw%2FuHMp8fzp6KWAMH4v%2FKLaVADhxpmoo%2Fl%2Bm%2F1BXy%2BvUpO207MlH2qTfo%2FghUXA%2BpZgHTdJU0O0ZOqiZsPqUIDhIaA4j5QvZGjLD58DgNl%2FhY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850214b679bf5-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1421673942.jpg
www.med-health.net/sliders/ 24 KB
25 KB 517ms
516ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1421673942.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df7c4dbc93cd2590a5a44ea4bac831a7f346c83b7203d486656dab27f5a27c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 25046
Last-Modified: Wed, 22 Apr 2015 22:52:24 GMT
Server: cloudflare
ETag: "55382628-61d6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCmGQ8mS31aM0C4j4duOBZaThplQrlOBKZSCnZzLaTYYbCN4yQDa%2FP1DyEsa2EFMktq%2BnJAxVIN7r9TNANbI2INauXfL%2B7XtpoWqFFqoN198dN2yrkcIYI4yVTmPSiqwdjgYVcvHKnwbL332L5OP6m8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850214e3f9006-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1466587313.jpg
www.med-health.net/sliders/ 38 KB
39 KB 511ms
511ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1466587313.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb80b636ffc0aebe99abd6d54264d428b888faf2e720854ca021fabe88c3aec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 39205
Last-Modified: Wed, 22 Jun 2016 09:21:53 GMT
Server: cloudflare
ETag: "576a58b1-9925"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxPKO44yNSOwR%2BfVR2CxoZsKyimrT5AxJzDPiIM8zvzgcbxrtw%2B004IRyNDk7rTA78Qa9s8SOar6fti%2BpnVIATudTRdJMy6ZuXQ7%2F1zv61g0e0mYz5K5WO8Xfq6Ccp6GxVtCpsBmWe%2F%2FOn3FIZchPag%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850214d259186-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1422208478.jpg
www.med-health.net/sliders/ 32 KB
33 KB 514ms
514ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1422208478.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e6dec2f28625377700040dcb5fbd0d87ad221abf0e387754267a32f1aaf989

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 32813
Last-Modified: Wed, 22 Apr 2015 22:51:20 GMT
Server: cloudflare
ETag: "553825e8-802d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlOdE1FextLQ5bLez2ouOsCkxLByCeuW175bQylrzEz4BttJJD5G2r7F3%2B1q7MDVw4Lttf22dKiX1efytO3SNKUnUVoI4xE4Z1hwozENNNH3kevqX7iN%2F4Dd00WHGcvNzwYOwTKPtoC7GCJoV6KmLTI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 76385024aa549006-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1466587301.jpg
www.med-health.net/sliders/ 58 KB
59 KB 669ms
668ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1466587301.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea85ef5750e17e59d9fffdaa834d5f9d8418eee56a52cffc78ce8918bd07e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:04 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 59246
Last-Modified: Wed, 22 Jun 2016 09:21:41 GMT
Server: cloudflare
ETag: "576a58a5-e76e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPZgWpGKJxKbNtl%2FeCjKFLLEUi3P%2FnDUd7s3UcvRd2z%2FJCu%2FIpvnUPNHW6CaazKzWZyxCxa8d14NehfkasYyjMovjDAZmxhofc5TT28K3AQT3%2BRopNQF8JjQZkxsYcoW4xeDjO7bng%2FZhf%2B7Mf0zkco%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850258e159bf5-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK 1422209276.jpg
www.med-health.net/sliders/ 21 KB
22 KB 502ms
502ms Image
image/jpeg 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/sliders/1422209276.jpg
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f73e2c5418ee670512d0cfff234fcd928cc0a98e1d33446e463b698fe1b0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:04 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 21548
Last-Modified: Wed, 22 Apr 2015 22:51:20 GMT
Server: cloudflare
ETag: "553825e8-542c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6nsJxAq0Epg%2FYGyxHL9OkYjIMtkW%2F5TFVXJ2ofj8qw7wZnkY7Bpf9%2ByqEdH0E9jE%2FeRM%2BW%2FFeX1pyywP0b%2F%2Bf93XYU1bQDPAE2UsfEuzlToF4%2FXSsQDBNhmBhs4RFWy%2FnKw2EfmeF3PgwulwCbzosk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850267f979176-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 404
Not Found right_gray.gif
www.med-health.net/themes/theme6/images/common/ 564 B
564 B 342ms
342ms Image
text/html 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/theme6/images/common/right_gray.gif
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wior184ZZOAnl6L91Z6ybwORXJg4r4JjPZu45ZapPKSU1F%2Fvi9RffjEaO%2F%2FIypuh%2FGqeI5LPsR%2F4NM%2FyrPiYHj%2B2F7CbvMshUz38qOEUKKPNQInctDv6gVLcMCqLMtn%2Bofd%2Bjdp02pcDJpbcYzxZxU4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 763850269898bbc1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK jquery-1.9.1.min.js Show response
www.med-health.net/js/ 90 KB
33 KB 28ms
27ms Script
application/javascript 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/js/jquery-1.9.1.min.js
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 224621
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 02 Dec 2015 12:25:58 GMT
Server: cloudflare
ETag: W/"565ee356-169d5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FckAL5mzPuQXHzSCKBNHPagoMY7z5x82psyVoUgzxAIqaEX3asWCJSSINcJmyFBy3SR86N488ROhm5d9r70g6QLpT6b2cALE3X7DYEq41EC1r%2Ba%2BEzk9iKA0CeuaSCWi%2FTFKcpbkyHWcjufLVRdQr8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=604800
CF-RAY: 76385020fdd49006-FRA
Expires: Sun, 06 Nov 2022 08:48:21 GMT

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.min.js Show response
www.med-health.net/js/ 232 KB
62 KB 39ms
39ms Script
application/javascript 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/js/jquery-ui-1.9.2.custom.min.js
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfa6a72dcf28846fd7f716e745538bf7607af69f78cf4f9db3d2a126fab319c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 233133
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 02 Dec 2015 12:25:58 GMT
Server: cloudflare
ETag: W/"565ee356-3a0e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay64G3DJ8UW%2B5aKNfdPUzTk5Mkia2h7mPhV6CDNFYbbTmoY2IZggx7XvMWJJuXtOLs7F8L3nlN%2B4VLFpziVhU%2BHD5UoAEwnIFS389b%2Fi5kvKnHvxGoPdcvLLD%2BSs1l0FH2g3BX9%2BzisvNrqjeR%2FAIY8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=604800
CF-RAY: 76385020fcb49186-FRA
Expires: Sun, 06 Nov 2022 06:26:28 GMT

GET
H/1.1 200
OK main.js Show response
www.med-health.net/js/ 4 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/js/main.js
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5df24dbf0ba1b6e21a0003cc5780bf70a7aff836e060ae78c9755dd49cfb3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 233133
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 02 Dec 2015 12:25:58 GMT
Server: cloudflare
ETag: W/"565ee356-f86"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQtocsOjJDiA9zzHmGnAozaCwMFpOnq8htmOEQvYtx1pVf8vLENVnnsqjDSE93gV%2Bb353v7bkxSDmO2Oo38NjClrgC8J5DYQ6Y0W7dMlF9urfby7QDQpXZNMtjZE2rONiRD42Pznq0OJbUdyyXtqEA0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=604800
CF-RAY: 76385020fde59176-FRA
Expires: Sun, 06 Nov 2022 06:26:28 GMT

GET
H/1.1 200
OK jquery.flexslider.js Show response
www.med-health.net/js/ 41 KB
10 KB 533ms
508ms Script
application/javascript 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.med-health.net/js/jquery.flexslider.js
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cb6246e70cd832e51db0c2ecdebfd125597f3792c73316029bb5c948de2d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 02 Dec 2015 12:25:58 GMT
Server: cloudflare
ETag: W/"565ee356-a2c5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux8YVahaVl2niC%2B57afd0LJg4PHaoSmtGmsPpO%2BnOEfY8WCwoyvDxh1SnEMbGfe8vCKQIpS%2FgKsYLbcj74SDzwUfQf5RvE6XzLrzjqcb5pfjeNPGfmlWDw91t0cRvNr%2FA11HNVltJEsAzvVglO7fokU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=604800
CF-RAY: 763850211e189176-FRA
Expires: Tue, 08 Nov 2022 23:12:02 GMT

GET
H/1.1 200
OK header_bg_thin.png
www.med-health.net/themes/med-health/images/common/ 3 KB
4 KB 811ms
343ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/header_bg_thin.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c9e96f2216c86e854ca6b57e46b5c6d6a01d58491ee775c739011a249a68b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3049
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-be9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7sOOcZkFNkBwa2c4t57x5WMx7Y1Wo6e8DrSFC11%2Ff3H82CIaiHy6LDyV9AMKEJoyuaZDzJUhfIq4oXxAT3HGhMwnXOMVQaJdUag15tUbHV%2BJ0QS2eek7prub8KKMLOihjJIdIfNK2j9hdpyWEKUg9Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850244bab9176-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK google-search.png
www.med-health.net/themes/med-health/images/common/ 4 KB
5 KB 863ms
347ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/google-search.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b06a7dc0ebffc0d4af2ffe15d128ba97a8f58cbb358a31cd2eba72ae70144b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4260
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-10a4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygvlqDpFKv%2FOkbhkmEROVropVnjkIS6XFzu%2BEyQiftL1RXAfFOfGh00ExhrTMRXJjSbJOUqPxu%2BN2q48ZsvQdXxpgPSljOPxewgUJcPG3D63BYoDVjBf3EisBk9NMwvTIYrYFxlKelnr2FqfhNGD0BY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850249a9e9186-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK aboutus.png
www.med-health.net/themes/med-health/images/common/ 2 KB
3 KB 521ms
12ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/aboutus.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d82263f77ae9681acf09940ade88d07d3306e789b610a86858c97ef7e2e766f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 230181
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2241
Last-Modified: Thu, 25 Feb 2016 08:53:01 GMT
Server: cloudflare
ETag: "56cec0ed-8c1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jkz8b%2FJEFodZdz2bt54RDg26qnU%2FE7beLaDdEhLdQhlmAGQvnyMmesEOyhJ1DXKLNz3jfCF1g11SnX0VLEjaM9EMxoeDax%2B7u8%2B9klC0xD74NwzcOgxHRwvO7cItasMWqMhe8rajVFbB%2BY2EfQ9znoA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850248a2d9226-FRA
Expires: Sun, 06 Nov 2022 07:15:42 GMT

GET
H/1.1 200
OK contentBackground-1000x2.png
www.med-health.net/themes/med-health/images/common/ 3 KB
4 KB 508ms
14ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/contentBackground-1000x2.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d3c6a246ba09a7e31af987900502a55159039b8ba05b539c6f31ba0f590ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 230181
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2847
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-b1f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tggTeJmIiRswTBtqyB9H9YfxMv9E0pcxGJnPMO7%2F610g2J6nkF5sZoOgz4hu2FZQYAywIMNf5WWAE%2F3w6xhI5j4BlK0IVYx5%2Buhc9BcRUmANQoB3xQoZrkvHZiIKuGzeVXdXa%2FPuc1rQhcYBCzEZFAA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 7638502479f09226-FRA
Expires: Sun, 06 Nov 2022 07:15:42 GMT

GET
H/1.1 200
OK leftNavLinksBackground-1000x60.png
www.med-health.net/themes/med-health/images/common/ 5 KB
6 KB 521ms
19ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/leftNavLinksBackground-1000x60.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1185d7659bdbe26e422447fbb709ef6bf4c9714f07954bd458379f6f4bc7c403

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 247247
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4892
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-131c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bniHawANganzXyI43XSPftJpB3RBKDeyQxfI6eLLOmDqZXAJGWSMskNFjkQMAcTgCK7V2IW2w1MAsHX35gJWYCLM2C%2BtAx93d5tO6v6IXgRgZrQsA72VZa990mVQ4x0ghy426i2JobcgCB9uouw2u%2BI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850248a2d9006-FRA
Expires: Sun, 06 Nov 2022 02:31:16 GMT

GET
H/1.1 200
OK leftNavLinksBackground-1000x2.png
www.med-health.net/themes/med-health/images/common/ 3 KB
4 KB 515ms
19ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/leftNavLinksBackground-1000x2.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94dff028b7a3e2e93a5a8bfa1cd93388b97381142aee6746de110644b54a5de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 233134
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2855
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-b27"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Lh4QqUU3LzK13Yq2ewuwOGatMuy5v4muE7bXiBh3JuAavno4%2FaNkM2jETOin129XgL9%2B0nqqLxP2xW6O6bmAUR6J6L5hOCnaqpIkufolO39i5WIw6tIT2jl98Qf%2BVtxn7yKs1xkEaYc1XXSQM5NqcM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850247a489186-FRA
Expires: Sun, 06 Nov 2022 06:26:28 GMT

GET
H/1.1 200
OK arrow-right-icon.png
www.med-health.net/themes/med-health/images/common/ 1 KB
2 KB 835ms
337ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/arrow-right-icon.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e593beaee04261b4e917871713948a44b06ae3c6b18231e7b5723438b9f0ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1488
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-5d0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtEGfGBZsRZLUWRSZQr9R0ys8WhB0xillbzmoT37i4w5SsUzV88Nx6kk4bI0qh7FyMubbBfvB1m5xFhTxXiY3xj2iG98MVzjD3eE0YJpl5OKVkhMhusS8ysh6taGh1YJPokVPDZ0a8%2FAa7fkHtSbPT8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 763850247dfbbbc1-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK leftNav_bottom.png
www.med-health.net/themes/med-health/images/common/ 3 KB
4 KB 351ms
351ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/leftNav_bottom.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1659c38058e8d82f3d1eab7d1bf464396fc451c2c1a66b98dbfd1e5f211f76d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3369
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-d29"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeDuxupQeVuoT6YnRGYJnwSciKm8OVU00C2JDPESUtzXA1hqUBtRLbcb8W9%2F9iEKvyyRy4%2BYvkUdIzy4nn20pT8X45djPJGhIyvDk3B2A11ZNMiyb2mCivclS72aIpttaKGFo6UL4yInIz3EmbkGp70%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 76385026cd9f9186-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK clinictime16.png
www.med-health.net/themes/med-health/images/common/ 4 KB
4 KB 840ms
350ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/clinictime16.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e25e08ee4efe66a580793866a1e6e4f444a8418b45f93c9ed724bfea3813a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3628
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-e2c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZP3ZsNP2W2jn7EMZG7qExMHbLrNwKdwhLES%2FlsK4f%2B3qJaYU04mKxv%2BmdFWCMlfN8KiDpPKz1JFtGTj9qEBUaeesBhxYDS0WWKjLQybaeP1KYOE5Ym35dHoODX0VBaTM3tYWtgSk3JJ3AFnR3mkN0g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 76385024aa5a9226-FRA
Expires: Tue, 08 Nov 2022 23:12:03 GMT

GET
H/1.1 200
OK arrow-right16.png
www.med-health.net/themes/med-health/images/common/ 804 B
2 KB 18ms
18ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/arrow-right16.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ba1274ba4399ec1453aecaeabf2e586992c80b720dfc4dde420da2f777f8677

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 60259
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 804
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-324"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygyjYMgtAXo4qunDDI2nTJoKB2RhbBGqwdYxSiOI6TqiSZ7QHcioQQ%2BD0fD%2FGi01Ax7mJRVQ7l0RcDU47uS1bjli%2F%2BK0JBeCpCTnyyLomk%2F2T54N6dS7es3z%2BQDZ855U8nJgUsIHCIsZJRyjv1res2s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 76385026df919226-FRA
Expires: Tue, 08 Nov 2022 06:27:44 GMT

GET
H/1.1 200
OK bullet_ie5mac.gif
www.med-health.net/themes/med-health/images/common/ 50 B
852 B 12ms
12ms Image
image/gif 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/common/bullet_ie5mac.gif
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38b3a03a8f4f2330f03c32186ec86261cd3c5a9e8d28b0d0b9f1da4d6f3fe89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:03 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 137014
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 50
Last-Modified: Wed, 02 Dec 2015 12:25:59 GMT
Server: cloudflare
ETag: "565ee357-32"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOvUW%2BwBIslLx%2BlXIJJzQ%2FOCDE60uTz%2BmcsKJyLNezUYRB0HzRoyHkrYes1gFtAQ%2FdGh%2F8xKaYRzlF7l4DSEyH%2FkH1CVrLAVDeAQW4qXWuMLxSre1o9fr0IY5bP42ean%2BWM8e6hZmJhGQB0UKEe4uaE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 76385026ffe99226-FRA
Expires: Mon, 07 Nov 2022 09:08:29 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

129ms
38ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.med-health.net
URL: http://www.med-health.net/

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 23:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 604
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 02 Nov 2022 01:01:58 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 354 KB
116 KB 150ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8644718515741361&plah=www.med-health.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4c5fd061bc3605976eaa80a8a156ac501c1c81f7473d35bec4343fa2b6badb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119022
x-xss-protection: 0
server: cafe
etag: 14986344474246963130
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:12:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/ Frame 8592 10 KB
5 KB 133ms
45ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 13:14:02 GMT
etag: 9671129459699598864
expires: Tue, 15 Nov 2022 13:14:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 46ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1510951230&t=pageview&_s=1&dl=http%3A%2F%2Fwww.med-health.net%2F&ul=en-us&de=UTF-8&dt=Med-Health.net%20%7C%20Med-Health.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=858480451&gjid=895272633&cid=227702234.1667344323&tid=UA-41990266-1&_gid=1209473844.1667344323&_r=1&_slc=1&z=754235096

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.med-health.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.med-health.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
699 B 132ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.med-health.net&callback=_gfp_s_&client=ca-pub-8644718515741361&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8644718515741361&plah=www.med-health.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35180a3fca2a5713d38ad7b8ead8041114c820e3435b45740b49971fabecfce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 145ms
44ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.med-health.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
45ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.med-health.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6619 246 KB
65 KB 945ms
868ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&adk=1812271804&adf=3025194257&lmt=1667344323&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.med-health.net%2F&ea=0&pra=5&wgl=1&dt=1667344322997&bpp=4&bdt=336&idt=255&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6015416803606&frm=20&pv=2&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136bbd2ad61c942368d93f73d60a0fbec1224780967dffddf18bd4ea8f805973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 66788
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:04 GMT
expires: Tue, 01 Nov 2022 23:12:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 123ms
51ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221027&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14d9b6f9f85183639e10ca049feb0851103d99e0bdc621b1d723e3c76c3d7715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11255
x-xss-protection: 0

GET
H/1.1 200
OK bg_direction_nav2.png
www.med-health.net/themes/med-health/images/slider/ 601 B
1 KB 342ms
342ms Image
image/png 2606:4700:3031::ac43:b712
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.med-health.net/themes/med-health/images/slider/bg_direction_nav2.png
Requested by: Host: www.med-health.net
URL: http://www.med-health.net/themes/med-health/css/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b712 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e47f1365cc1bd13255076abd5c4c8c902c6ace58760ada00a494fd807c194b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/themes/med-health/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:12:04 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 601
Last-Modified: Thu, 23 Apr 2015 00:29:00 GMT
Server: cloudflare
ETag: "55383ccc-259"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuHA%2FnNjsPUMEGp5SIUZl43TnzskU4BNInafd4YQC7YwsU%2FAro42AfU5gHPl3zMeIy536c%2BUk1Q9TqjPWdn4Z3jcs08jQZ5Ofl4uPxfJabC8PxKCOo2VM5L6k7E4neE1%2FQWzuT3SDjTMT38CjLYqT0M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
CF-RAY: 7638502aca609bf5-FRA
Expires: Tue, 08 Nov 2022 23:12:04 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ 151 KB
51 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dced0e1e0be39c4d94b1b39ff94cda32d51c50233702fd7bd4710916ffb4a630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52397
x-xss-protection: 0
server: cafe
etag: 3793683935438092939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 131ms
52ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.med-health.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 118ms
46ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.med-health.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FA4 75 KB
31 KB 692ms
691ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6fe29485b5b2b488d50c385a4836e62d4c54306d196e308cc15332ba0e023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31730
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:04 GMT
expires: Tue, 01 Nov 2022 23:12:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/ Frame 517A 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 07:09:42 GMT
etag: 9671129459699598864
expires: Tue, 15 Nov 2022 07:09:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/ Frame 24C2 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 07:09:42 GMT
etag: 9671129459699598864
expires: Tue, 15 Nov 2022 07:09:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 194ms
100ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 517A 4 KB
1 KB 126ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 23:11:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 517A 205 B
742 B 115ms
37ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 20:46:50 GMT
x-content-type-options: nosniff
age: 8714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Nov 2023 20:46:50 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 517A 604 B
694 B 120ms
42ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 20:36:33 GMT
x-content-type-options: nosniff
age: 9331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Nov 2023 20:36:33 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame 517A 19 KB
8 KB 114ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 19:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 19:21:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 24C2 0
0 102ms
101ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6Gusw6dhY53aFp_d7_UPxfe7yAa40Y-BbY_gj8mkENrZHhABIKbvkntgleKQgqAHoAGfvMzDA8gBAqgDAcgDyQSqBM0BT9DTQKtYZ0-7VTH4hqCQbBVCAWR3_CEIBIsIc3zqyBdpDp-lh3dnUFknJW7SOHDroznfKut-rwvDL6eKvOw-ZbU-ezqjbyXsGiY8teT77tg2gC5zMyTqIonwbSwmRl82xQtETs-bYVv0372rh63zu04uLOCNfkeyLScDL-V840WGUaTtlB7KHhV9WIMi3_qzI0o7GllcBq1nkg-cqvvIhukgTOxxZTQ1sdF3dlgdPuS80xi_53D90NvUTiLwnLJc7Ddu872PGMArRn-egcAE8vrui_gDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8nDszyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRD9j59v0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODY0NDcxODUxNTc0MTM2MRgA&sigh=_SKdBewSnfE&uach_m=[UACH]

Requested by

Host: www.med-health.net
URL: http://www.med-health.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 01 Nov 2022 23:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 24C2 23 KB
9 KB 95ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:20:22 GMT

GET
H2 200 2710606931408157167
tpc.googlesyndication.com/simgad/ Frame 24C2 21 KB
21 KB 131ms
75ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2710606931408157167?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnv904S1qrQ3XuRp9iID8F_S053vw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02deabb659b14c7af13a40a4bbc9c450b2aca71659b7a6ad4206b42ac0c49edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 19:05:43 GMT
x-content-type-options: nosniff
age: 360381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21256
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 20:25:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 19:05:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 24C2 3 KB
1 KB 101ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:53:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 24C2 17 KB
8 KB 90ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:40:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24C2 153 KB
47 KB 152ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 24C2 33 KB
13 KB 143ms
88ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384820e32636977b95d2c7ea5e9009a3c4620965a0b91eb64d1479c4c2eea389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 05:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13525
x-xss-protection: 0
server: cafe
etag: 3532792018009496795
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 05:07:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B41F 143 B
166 B 44ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 22:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 24C2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d8736d956a1f73f5a21504767479f84b6e5f027f753e6ce23074ed3ed66b504

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 5AA4 9 KB
4 KB 117ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 14:36:43 GMT

GET
H3 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 5AA4 19 KB
8 KB 112ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 21:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 21:38:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5AA4 6 KB
672 B 121ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 22:35:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5AA4 2 KB
765 B 128ms
52ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:40:17 GMT

GET
H3 200 d6c5bcf26e2f43f621526b11ea468107.js Show response
www.gstatic.com/mysidia/ Frame 5AA4 5 KB
2 KB 108ms
36ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6c5bcf26e2f43f621526b11ea468107.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 10:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2008
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 10:24:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 5AA4 23 KB
9 KB 117ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:20:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5AA4 3 KB
1 KB 128ms
53ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:53:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 5AA4 17 KB
7 KB 111ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:40:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AA4 153 KB
47 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 23:12:04 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 5AA4 33 KB
14 KB 118ms
47ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 14:36:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AA29 13 KB
5 KB 73ms
36ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 21:32:38 GMT
expires: Wed, 01 Nov 2023 21:32:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2B38 783 B
970 B 137ms
49ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2013964c49ea9732ba70c23e54f4b3e6d3e12a385455c6595977f59c42ea03f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N326mTRd8irMvOmvt60XzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.med-health.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-N326mTRd8irMvOmvt60XzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:04 GMT
expires: Tue, 01 Nov 2022 23:12:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B41F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
49ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:04 GMT
expires: Tue, 01 Nov 2022 23:12:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AA29 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 19:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 19:59:05 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B857 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 19:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 19:59:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2B38 0
0 70ms
69ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221027&jk=862710211434038&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C116 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221027/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 19:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 19:59:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AA4 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnRvd2VyQQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDMKDRArIQAAAAAAACZAMAQKDRADIQAAAM3MvGJAMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAqQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAwNTQQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAAIBlQDAECg0QFCEAAAAAwETUQDAECg0QFSEAAAAAAAAkQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAzM0NoQDAEEhpDTnpIODlDTmp2c0NGWl91dXdnZHhmc09hUSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AA29 0
10 B 36ms
35ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_4qHWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 15327141366129009279
tpc.googlesyndication.com/simgad/ Frame 3FA4 42 KB
42 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15327141366129009279?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn4BeERf8jp6XGNLVR9-I9Fj9g3kA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

998d56233241972f09b4fb254d585c80e273842ed47fe8852cac6e696b4c6d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:55:17 GMT
x-content-type-options: nosniff
age: 4608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43453
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 20:25:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Nov 2023 21:55:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 3FA4 23 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:20:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 3FA4 3 KB
1 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 18:53:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 18:53:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 3FA4 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 16:40:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3FA4 0
0 290ms
46ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUbpoEzMlqkTUWUbRaGZl_TH4c7XFzuDPyTJOq090HZPhmZx_Nk-FKAKNWq646sv7P0bzyJ08mqZE0sQMqgE-OcekofQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FA4 153 KB
47 KB 127ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47682
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667216034053804"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Nov 2022 23:12:05 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 3FA4 33 KB
13 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384820e32636977b95d2c7ea5e9009a3c4620965a0b91eb64d1479c4c2eea389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 05:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13525
x-xss-protection: 0
server: cafe
etag: 3532792018009496795
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 05:07:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FA4 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGlmvxKdhY8PcFIrc7_UPtISjsAq40Y-BbfDS8uDlENrZHhABIKbvkntgleKQgqAHoAGfvMzDA8gBAqgDAcgDyQSqBNABT9DnHpYWYvAm6Emc8FnB5A2LnO1fOkiDHCrNM8JqjGdiFjgZkXksVCkhfekOY0KiKf9IOxD_DTfVl-TDfXLjsquIIX5l0r4XeYwWBPQfpIyD3uHasVGdHPTl2pva6Cc-Ffl8gpXkGUH3SkVHxvTK-N6BbQlVaODMk2nonV2XZAUUOaHtWODeQhYKL-LG-MQkSqU19BpGot-JjJvITnQ8raNZ4OoO01ngCjOZurWf7Ke0Slcwgtwbd0RVtr0RfDxnpbzbn5E_za72kC-wkqmpucAE8vrui_gDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8nDszyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDSudUI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODY0NDcxODUxNTc0MTM2MRgA&sigh=wVPsExI12Io&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 01 Nov 2022 23:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E294 143 B
166 B 43ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 22:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame B8E4 247 B
959 B 133ms
39ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

6c3a9e7031c88ce8f192ef942c9cbcd2b4e5654c1697d0d7f78065893c4a4b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-OlMuNk-2nnYy1wL1SlRa2A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C1F 1 KB
643 B 40ms
36ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 16:40:17 GMT
etag: 48472445140208031
expires: Wed, 02 Nov 2022 16:40:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FA4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ceeccad41a318641921a6006376e314dca1b696a58a0bc165488ffc092a9e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1C1F 35 B
463 B 44ms
9ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG6OeUq2dejPJIo8tqZKZEg&google_cver=1&google_push=AZmPxg-pifMyJwQg5bEaANdLUE6geyEG1JNOUBSgYS_iOGVFwkhGXMzUFjqWH3tOma_bCptdH1llnqwk4ES9IDk4evefLePOhFz1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C1F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOY4xlZMCHLBNbCrBUNttEI&google_cver=1&google_push=AZmPxg_OjiM26ktYBKnlXL6oEJm2EhgMZWfyv1VYsC4vOFB_CaFvHq44sU39H-hfvchStd_0x4STTqWbTvyp8FI1j9Xa3JeqBo9d
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_OjiM26ktYBKnlXL6oEJm2EhgMZWfyv1VYsC4vOFB_CaFvHq44sU39H-hfvchStd_0x4STTqWbTvyp8FI1j9Xa3JeqBo9d&google_hm=Q0FFU0VPWTR4bFpNQ0hMQ...

170 B
329 B

40ms
39ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_OjiM26ktYBKnlXL6oEJm2EhgMZWfyv1VYsC4vOFB_CaFvHq44sU39H-hfvchStd_0x4STTqWbTvyp8FI1j9Xa3JeqBo9d&google_hm=Q0FFU0VPWTR4bFpNQ0hMQk5iQ3JCVU50dEVJ

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 23:12:05 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_OjiM26ktYBKnlXL6oEJm2EhgMZWfyv1VYsC4vOFB_CaFvHq44sU39H-hfvchStd_0x4STTqWbTvyp8FI1j9Xa3JeqBo9d&google_hm=Q0FFU0VPWTR4bFpNQ0hMQk5iQ3JCVU50dEVJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 1C1F 0
98 B 215ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8wWToymSM8l6SnxCHS-VEbGpAmOgNrOZKi_JHPoZVxhXJeircHY2ZOvfttb8QT1k7Jy-Hht0SZ_l7c7g0cPxmCfhixMv0V&google_gid=CAESEEhdsHOHKdrGARMEgJBHyrs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1C1F 43 B
351 B 198ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEB1b9SqmEkuZoKxn6ibrksk&google_cver=1&google_push=AZmPxg9ABavheeg-ywRmjnLQmGAakNhDw8OSc40qyWyJ7LD80zU90XhyQU7-BTw3--IUCwFoKsqpgvSGD6yx2iSP54UdW2-VgQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8644718515741361&output=html&h=600&adk=555579409&adf=4149340102&pi=t.aa~a.1884218492~rp.4&w=231&fwrn=4&fwrnh=100&lmt=1667344324&rafmt=1&to=qs&pwprc=5434728023&format=231x600&url=http%3A%2F%2Fwww.med-health.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1667344324303&bpp=2&bdt=1642&idt=2&shv=r20221027&mjsv=m202210260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde233ab76142d672-22ea6ce960ce008b%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg&gpic=UID%3D00000b7b7fe1de11%3AT%3D1667344323%3ART%3D1667344323%3AS%3DALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g&prev_fmts=0x0&nras=2&correlator=6015416803606&frm=20&pv=1&ga_vid=227702234.1667344323&ga_sid=1667344323&ga_hid=1510951230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=1270&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070617%2C44775017&oid=2&pvsid=862710211434038&tmod=2055105902&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ytvt1bvs26&p=http%3A//www.med-health.net&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9v7r9i7s5ep45kqh0n1jfvmar102mtlk

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C1F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6vmLs-E0Tg-y2ax6OrS1dw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

42ms
41ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6vmLs-E0Tg-y2ax6OrS1dw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9UIzjntQyGb4sQamRU8nsklVBf1nxkfidlk0Tu2Jf9bgFhwdKzLmYFkl8k5t1b0ZwBBE7CmPg1iVQ6tAq7uvQNtBfZX8I

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6vmLs-E0Tg-y2ax6OrS1dw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9UIzjntQyGb4sQamRU8nsklVBf1nxkfidlk0Tu2Jf9bgFhwdKzLmYFkl8k5t1b0ZwBBE7CmPg1iVQ6tAq7uvQNtBfZX8I
date: Tue, 01 Nov 2022 23:12:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C1F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKH6NYY6ISlRn-lwGMbCW-M&google_cver=1&google_push=AZmPxg_dIJ2xnq9GBN01hI655tzQQ7VZKgBC5nvtlpaX9iFsIeBl5zjEfZ6I8R62xktMGEDHjzw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZVFJGREktWi1JWVhJ&google_push=AZmPxg_dIJ2xnq9GBN01hI655tzQQ7VZKgBC5nvtlpaX9iFsIeBl5zjEfZ6I8R62xktMGEDHjzwmh8fRD9_YhfchPQTfOu7aLmAb

170 B
232 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZVFJGREktWi1JWVhJ&google_push=AZmPxg_dIJ2xnq9GBN01hI655tzQQ7VZKgBC5nvtlpaX9iFsIeBl5zjEfZ6I8R62xktMGEDHjzwmh8fRD9_YhfchPQTfOu7aLmAb

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlZVFJGREktWi1JWVhJ&google_push=AZmPxg_dIJ2xnq9GBN01hI655tzQQ7VZKgBC5nvtlpaX9iFsIeBl5zjEfZ6I8R62xktMGEDHjzwmh8fRD9_YhfchPQTfOu7aLmAb
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C1F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_hm=Y2GnxdgQIpd3o8IdRRWtFQAAFA8AAAAB&google_nid=index&google_push=AZmPxg_Bubp7Uf99EyBR84ct7pn8voyt99G8y...

170 B
188 B

106ms
41ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_hm=Y2GnxdgQIpd3o8IdRRWtFQAAFA8AAAAB&google_nid=index&google_push=AZmPxg_Bubp7Uf99EyBR84ct7pn8voyt99G8ydj8M7DHrX2milCaSZuukCuvmYT3KvKqDrdPEY7LDx2bHxEgVs4C0W3WIjYIGaUY

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FY4NtWWG%2BZc25uzR%2BiQPyF%2F%2Bq%2FM37iVwPrqW3RX5IdVfxW7xPkVfCg%2BgF7wNHt8TfrRyLHdtVt%2FLXtiRRe00RJ8E%2FHEykGoo53hTe6Bl2kme29QVtyYHcDwbLtci%2FvzEu9cBzPEM37uyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOXwGvnTSx8hgMPC8Hpm9v4&google_hm=Y2GnxdgQIpd3o8IdRRWtFQAAFA8AAAAB&google_nid=index&google_push=AZmPxg_Bubp7Uf99EyBR84ct7pn8voyt99G8ydj8M7DHrX2milCaSZuukCuvmYT3KvKqDrdPEY7LDx2bHxEgVs4C0W3WIjYIGaUY
cache-control: no-cache
cf-ray: 76385032b91b9a0c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C1F 0
232 B 212ms
36ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J226JbeJ998n7jf79FZQC3BpFVXmZSsgI-jJYbpDZ60Dfkk6aWkKpJGCZFzCGPzcRNMVYf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 23:12:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E294
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
54ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:05 GMT
expires: Tue, 01 Nov 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe.html Show response
p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame B8E4 4 KB
2 KB 114ms
47ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

309989d1126fd8bc32e5485f1ecb5e2c29a71cd9825f6db74df33cc4c0a83211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1860
content-security-policy-report-only: script-src 'nonce-ATLxtgczFm6aSHrSGNc6NA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 23:12:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221027&jk=862710211434038&bg=!MzClMHTNAAZPh4lnb4c7ACkAdvg8WtxrJUtJJCWBA3Kgt3nUqlSrZ9vQdbqCV8FuOS08cpK-UGJwVQIAAADiUgAAAANoAQcKAOfOdgvJZ3MqNEpUWWQ8YgKXidvxxF8lpLPEDPcNTLcGd7WsZ1Xroi9YvMumh5HZe9DPM1-skwbSKY19Alw7M5vKHBnXa5-UlVJNlFHMi4R3P20cusssGiO1oGncQHygdxY_BX556CRgosgDhJVMkfDxY7U5HcOH9SwJCSm0LcNpWFN3crp2vAR6UdRUusZs33hxN8G3U5HYJTeEoobboWSh89FFHW3vwrDpd1FPPFGW-orf8hM2tjp3NTdOKSAlVXPZWSxieenT_YgTBigY_i_lOF_O73DipSH39cnazSVVc7NuUgUqSruZAqO1vgsxmDF9lMWLtXnV6tfKkE05Je95aVe9K_1ZCY0k3dE5M3nifDXvZmEP51vsMVPB3A6uozHZxxdDk-HCsdd6DYkPNYyZlbSh0u48_VmAeYeJm6hSHt-eFYvazK6LrMOshJFlUr9DlOWs6TCAlWv9GHbKIm_2_ugApmxtxB9uoCTE1z_1y_RFaXfEMKvVSqmYs2MnV8D-ZGazWvprx3IRa1g268qxfY_0QUGNcGwGM_ABCZ_sppYLfZwMIkwxZZpvKxtb6VxBQS3NB49p-xDORB4uHN9GXtJUVzKzbZXWBFeZkpJGcHqlTDjZivCXcpA8B3mrPv12jgZOUqyTOaaqfShnrJKDPC6KSJmvDCnc60pOExuJcV-XyFtlBQfTzgQo6Xhyr3WuIkl0-Zt5Iqc3F07DshWbM62xSKGGRbNt4JhloF9CkEG7TCwmUeTZEv7X5kql77RxuWtstPDJTtisQHwmHebW3NsTVbiLqNpoKe0js-hXy5WeYaEQTY1CdViDwaSfhNpKu8bJOgjWzhwoc57B3Lv6MPdSX5DSHSlgvcTgv9YtpqwtkPGfI9eqi8ZwCKWQiCZdF11OmZAZP5YDUhlowkCyIwMab8vQ6W84UODfOLXcJNC2DAhEvebTFvsP_aby0bbP2g0dxRquJKB4TGCq5eAa1JSFFP-04DjnqTbA_wwY4m756wCwLlzUy1w4Hf4WZaqpgeLOXG0suIXagi4YbviKCR7q3DEMjo__1_mCK8T0HGG6qgpxJ14_NSHfWU5Zs6-o5cNkrokS5gxUltL_6cvPrUCCcYnbNWKdu46YNcbJHIi7PTXv8LnsjJd7m9FqR6x_3GymxDIwmq-2jzmf_fXMSf1RxqgmsjL7xsEQXduODApswVHPQ1bLdnthhms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.med-health.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 83D5 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 19:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 19:59:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 24C2 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7lObFRDQrNbLvxOC6awvoz6wTwz-YE1IY9NPpph9opiHbR8_spRGm-Z7ErZnXwvUs2DRRmeQc33PCsx23H9KcZq_2NpNOSJ1C2pMU3QceGN_Flpjly4Th_qIULyqP0z-IaE7u-A&sai=AMfl-YRHEUjwAtlTFuJAzQL0AySVt2DEA2fsAbXNiDIQjzvXt5kjwRwQFESPQ5Jh2IpwvrKQwq_-WPfXIClDOqQ&sig=Cg0ArKJSzCrKIWDo4Cu4EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=85,753,1001,1089,1089&tos=85,668,248,88,0&v=20221031&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1667344324384&rpt=298&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 23:12:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.med-health.net/	1969-12-31 23:59:59	Name: sid Value: uttms9atn5anrhu1uiqu66tvl1
.med-health.net/	1970-01-20 16:45:04	Name: _ga Value: GA1.2.227702234.1667344323
.med-health.net/	1970-01-20 07:10:30	Name: _gid Value: GA1.2.1209473844.1667344323
.med-health.net/	1970-01-20 07:09:04	Name: _gat Value: 1
.med-health.net/	1970-01-20 16:30:40	Name: __gads Value: ID=de233ab76142d672-22ea6ce960ce008b:T=1667344323:RT=1667344323:S=ALNI_MaQgeTfGKZY_ucyIHovJmbsqUYywg
.med-health.net/	1970-01-20 16:30:40	Name: __gpi Value: UID=00000b7b7fe1de11:T=1667344323:RT=1667344323:S=ALNI_MZFEnibzrMBYJdFrECRDR2hfkC10g
.doubleclick.net/	1970-01-20 07:09:07	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 16:30:40	Name: IDE Value: AHWqTUlZ5hlxWcyubDU0ESDFnc8y_oG5FPdlo8Fc4W0SPDGpv7Kk50RB5CzunO5Udho
.quantserve.com/	1970-01-20 09:18:40	Name: d Value: EAMBCQG8J4EA
.quantserve.com/	1970-01-20 16:39:18	Name: mc Value: 6361a7c5-5b8a2-b4550-37a96
.agkn.com/	1970-01-20 15:54:40	Name: ab Value: 0001%3Ayeb1xhuMLbEbi6fnfaX2ZuNt093B%2F9zs
.agkn.com/	1970-01-20 15:54:40	Name: u Value: C\|0CEAq9GRFKvRkRQAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 07:10:30	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 15:54:40	Name: CMID Value: Y2GnxdgQIpd3o8IdRRWtFQAA
.casalemedia.com/	1970-01-20 09:18:40	Name: CMPS Value: 5135
.casalemedia.com/	1970-01-20 09:18:40	Name: CMPRO Value: 5135
.pubmatic.com/	1970-01-20 09:18:40	Name: KADUSERCOOKIE Value: EAF98BB3-E134-4E0F-B2D9-AC7A3AB4B577
.casalemedia.com/	1970-01-20 09:18:40	Name: CMTS Value: 5162

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.med-health.net/themes/theme6/images/common/right_gray.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8wWToymSM8l6SnxCHS-VEbGpAmOgNrOZKi_JHPoZVxhXJeircHY2ZOvfttb8QT1k7Jy-Hht0SZ_l7c7g0cPxmCfhixMv0V&google_gid=CAESEEhdsHOHKdrGARMEgJBHyrs&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
med-health.net
p4-btqfjyuejc75i-qqyjx67pzctobbrp-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.med-health.net
104.18.18.126
142.250.185.162
142.250.185.99
18.158.130.124
185.64.190.78
2606:4700:3031::ac43:b712
2606:4700:3034::6815:2411
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
35.186.253.211
35.244.174.68
69.173.144.165
02deabb659b14c7af13a40a4bbc9c450b2aca71659b7a6ad4206b42ac0c49edd
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8736d956a1f73f5a21504767479f84b6e5f027f753e6ce23074ed3ed66b504
109ddac5fcac2d26ff455dabfaa93b705a883131b6d53548494a8b8a62ccbcdc
1185d7659bdbe26e422447fbb709ef6bf4c9714f07954bd458379f6f4bc7c403
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
136bbd2ad61c942368d93f73d60a0fbec1224780967dffddf18bd4ea8f805973
14d9b6f9f85183639e10ca049feb0851103d99e0bdc621b1d723e3c76c3d7715
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
2013964c49ea9732ba70c23e54f4b3e6d3e12a385455c6595977f59c42ea03f0
25e25e08ee4efe66a580793866a1e6e4f444a8418b45f93c9ed724bfea3813a7
28f73e2c5418ee670512d0cfff234fcd928cc0a98e1d33446e463b698fe1b0c7
309989d1126fd8bc32e5485f1ecb5e2c29a71cd9825f6db74df33cc4c0a83211
35180a3fca2a5713d38ad7b8ead8041114c820e3435b45740b49971fabecfce8
35a853b37ec9808762b60c2021b8ae558ef4b7784f27b00ec7d75054faa32fc2
384820e32636977b95d2c7ea5e9009a3c4620965a0b91eb64d1479c4c2eea389
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
46b06a7dc0ebffc0d4af2ffe15d128ba97a8f58cbb358a31cd2eba72ae70144b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6fe29485b5b2b488d50c385a4836e62d4c54306d196e308cc15332ba0e023a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e593beaee04261b4e917871713948a44b06ae3c6b18231e7b5723438b9f0ec2
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
50c12f9e171d9eec0e0354b04881d83d25b38d36f99ab2feeca5e4ad39cd20e8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58cb6246e70cd832e51db0c2ecdebfd125597f3792c73316029bb5c948de2d90
5b7b3e24de9d41a5358a1a1607dfcc35db815fdd6871d98e54cabdc02710c85e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ba1274ba4399ec1453aecaeabf2e586992c80b720dfc4dde420da2f777f8677
6c3a9e7031c88ce8f192ef942c9cbcd2b4e5654c1697d0d7f78065893c4a4b67
7ceeccad41a318641921a6006376e314dca1b696a58a0bc165488ffc092a9e0a
805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d82263f77ae9681acf09940ade88d07d3306e789b610a86858c97ef7e2e766f
8ea85ef5750e17e59d9fffdaa834d5f9d8418eee56a52cffc78ce8918bd07e32
8f2ee5f3e0d4a5f486d1c59a15d0c0c33c4be58fe0c52b778ad0b5836005f6e1
94dff028b7a3e2e93a5a8bfa1cd93388b97381142aee6746de110644b54a5de1
9508e6f157649c0de0b5489f2053a45f21b53eec174be185c149bf138a158ed0
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
998d56233241972f09b4fb254d585c80e273842ed47fe8852cac6e696b4c6d84
99ae0a90f943df3192a8f1d634239a7e17e776140885ea450ddb720f45543294
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a38b3a03a8f4f2330f03c32186ec86261cd3c5a9e8d28b0d0b9f1da4d6f3fe89
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7e6dec2f28625377700040dcb5fbd0d87ad221abf0e387754267a32f1aaf989
ab45ee6020b00217f4ccfdcb1713e3967a069e13d2bbac4f0820cd3701a147b2
ac4c5fd061bc3605976eaa80a8a156ac501c1c81f7473d35bec4343fa2b6badb
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5d3c6a246ba09a7e31af987900502a55159039b8ba05b539c6f31ba0f590ea1
b8e47f1365cc1bd13255076abd5c4c8c902c6ace58760ada00a494fd807c194b
bd1bebebe81143131b13f42b81ebde8e1e69b5d41af455db3c5e8e5c4dedb82b
bfa6a72dcf28846fd7f716e745538bf7607af69f78cf4f9db3d2a126fab319c6
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c283c76ccc10b51539f0aae203603588cab6beae9ec832f4004d741cedfa5906
d5df24dbf0ba1b6e21a0003cc5780bf70a7aff836e060ae78c9755dd49cfb3a3
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
d9c9e96f2216c86e854ca6b57e46b5c6d6a01d58491ee775c739011a249a68b3
dced0e1e0be39c4d94b1b39ff94cda32d51c50233702fd7bd4710916ffb4a630
df7c4dbc93cd2590a5a44ea4bac831a7f346c83b7203d486656dab27f5a27c9a
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb80b636ffc0aebe99abd6d54264d428b888faf2e720854ca021fabe88c3aec4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1659c38058e8d82f3d1eab7d1bf464396fc451c2c1a66b98dbfd1e5f211f76d
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

www.med-health.net Open in urlscan Pro 2606:4700:3031::ac43:b712 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

66 %HTTPS

64 %IPv6

17 Domains

22 Subdomains

18 IPs

4 Countries

1298 kBTransfer

3072 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.med-health.net Open in urlscan Pro
2606:4700:3031::ac43:b712 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

66 %
HTTPS

64 %
IPv6

17
Domains

22
Subdomains

18
IPs

4
Countries

1298 kB
Transfer

3072 kB
Size

18
Cookies

102 HTTP transactions
2 data transactions