secure.getneuropure.com Open in urlscan Pro
2606:4700:3035::ac43:a3ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.paleohacks-mailing.com/a/168/click/9955152/746255798/_62ff2902541c00bf1340adc5f6744993ff0b7aa5/a470b3469ff6cc198b0e4aa5...
Effective URL:
https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false...
Submission: On April 21 via api (April 21st 2023, 4:28:12 am UTC) from BE — Scanned from DE

Summary HTTP 118 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 50 domains to perform 118 HTTP transactions. The main IP is 2606:4700:3035::ac43:a3ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.getneuropure.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 22nd 2022. Valid for: a year.

This is the only time secure.getneuropure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.238.129.105 35.238.129.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3035::ac43:a3ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223c:5400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:310... 2606:4700:3108::ac42:2b71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
3	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1 4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b150:c922:c4f2:8c5e:8b2	14618 (AMAZON-AES) (AMAZON-AES)
1	3.216.127.149 3.216.127.149	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400e:14::6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	18.194.221.34 18.194.221.34	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.159.43.130 18.159.43.130	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	54.228.21.106 54.228.21.106	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	34.251.27.114 34.251.27.114	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.197.201.17 18.197.201.17	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:2609:a049:6938:c784	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	104.109.73.198 104.109.73.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.212.150.11 52.212.150.11	16509 (AMAZON-02) (AMAZON-02)
1	52.19.178.150 52.19.178.150	16509 (AMAZON-02) (AMAZON-02)
1	3.19.203.71 3.19.203.71	16509 (AMAZON-02) (AMAZON-02)
118	60

1 35.238.129.105 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.129.238.35.bc.googleusercontent.com

links.paleohacks-mailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

vitality.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::ac43:a3ae (United States)

ASN13335 (CLOUDFLARENET, US)

secure.getneuropure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b71 (United States)

ASN13335 (CLOUDFLARENET, US)

go.maxweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.127 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:c922:c4f2:8c5e:8b2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.127.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-127-149.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:14::6 (Ireland)

ASN15169 (GOOGLE, US)

rr1---sn-5hne6nzk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.221.34 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-221-34.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.43.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-43-130.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.21.106 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-106.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.27.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-27-114.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.201.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-201-17.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:2609:a049:6938:c784 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.73.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-73-198.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.150.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-150-11.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.178.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-178-150.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.203.71 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-203-71.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	947 KB
11	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3191 gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686 sslwidget.criteo.com — Cisco Umbrella Rank: 1930 widget.us.criteo.com — Cisco Umbrella Rank: 17390 dis.criteo.com — Cisco Umbrella Rank: 941	29 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1265 i.clarity.ms — Cisco Umbrella Rank: 24754 c.clarity.ms — Cisco Umbrella Rank: 1901	23 KB
7	googlevideo.com rr1---sn-5hne6nzk.googlevideo.com — Cisco Umbrella Rank: 43557	2 MB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 static.doubleclick.net — Cisco Umbrella Rank: 390 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	5 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16	15 KB
6	getneuropure.com secure.getneuropure.com	107 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 jnn-pa.googleapis.com — Cisco Umbrella Rank: 310	31 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	4 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2993 tr.outbrain.com — Cisco Umbrella Rank: 2759 sync.outbrain.com — Cisco Umbrella Rank: 987	8 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 519 c.bing.com — Cisco Umbrella Rank: 413	15 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425	626 B
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3443 rp.liadm.com — Cisco Umbrella Rank: 2091 rp4.liadm.com — Cisco Umbrella Rank: 5523	17 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	206 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 812	878 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1838	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	506 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	875 B
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 209	3 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	137 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2576	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 807	337 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2613	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3632	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 19048	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2806	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 976	580 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1620	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2879	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 612	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1151	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1622	162 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 535	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2185	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1472	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 777	363 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 447	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 838	802 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 108	80 KB
1	bttrack.com cdn.bttrack.com — Cisco Umbrella Rank: 9937	294 B
1	maxweb.com go.maxweb.com — Cisco Umbrella Rank: 189350	358 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
1	go2cloud.org 1 redirects vitality.go2cloud.org	2 KB
1	paleohacks-mailing.com 1 redirects links.paleohacks-mailing.com — Cisco Umbrella Rank: 485071	732 B
0	go2app.org Failed media.go2app.org Failed
118	50

	Domain	Requested by
21	www.youtube.com	secure.getneuropure.com www.youtube.com
7	rr1---sn-5hne6nzk.googlevideo.com	www.youtube.com
6	secure.getneuropure.com	secure.getneuropure.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.youtube.com
3	i.clarity.ms	www.clarity.ms
3	www.google.com	secure.getneuropure.com www.youtube.com
3	www.google.de	secure.getneuropure.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.clarity.ms	secure.getneuropure.com www.clarity.ms bat.bing.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com secure.getneuropure.com
3	www.googletagmanager.com	secure.getneuropure.com www.googletagmanager.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	yt3.ggpht.com	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.facebook.com	secure.getneuropure.com
2	tr.outbrain.com	amplify.outbrain.com secure.getneuropure.com
2	connect.facebook.net	secure.getneuropure.com connect.facebook.net
2	www.google-analytics.com	secure.getneuropure.com www.google-analytics.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	c.bing.com	1 redirects
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	widget.us.criteo.com	secure.getneuropure.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	secure.getneuropure.com
1	rp4.liadm.com	secure.getneuropure.com
1	rp.liadm.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	cdn.bttrack.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	go.maxweb.com	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	amplify.outbrain.com	secure.getneuropure.com
1	fonts.googleapis.com	secure.getneuropure.com
1	code.jquery.com	secure.getneuropure.com
1	vitality.go2cloud.org	1 redirects
1	links.paleohacks-mailing.com	1 redirects
0	media.go2app.org Failed	www.googletagmanager.com
118	68

This site contains links to these domains. Also see Links.

Domain
getneuropure.com
bloodsugarblaster.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-04-11` - `2023-06-20`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Frame ID: B85D3261110AF481D08BFFC4A5041849
Requests: 49 HTTP requests in this frame

Frame: https://go.maxweb.com/conversion/iframe/?a=7027&token=4f40db3052fb814e9e1f35f0499b164d
Frame ID: 6F269FA6B040604BEE4E9386F0DDD54C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.getneuropure.com&origin=onetag
Frame ID: C742130B58E81BB2D42AF246A2C1A37E
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
Frame ID: 24663860F2E5C98A2E1AAEDBDEF2F9A8
Requests: 37 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30
Frame ID: B802C55F14BCC89BD9B4418037D95F53
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NeuroPure

Page URL History Show full URLs

https://links.paleohacks-mailing.com/a/168/click/9955152/746255798/_62ff2902541c00bf1340adc5f6744993ff0b7aa5/a470... HTTP 302
https://vitality.go2cloud.org/aff_c?offer_id=12&aff_id=1069&aff_sub=PH42023 HTTP 302
https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff... Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

86 %
HTTPS

42 %
IPv6

50
Domains

68
Subdomains

60
IPs

9
Countries

4142 kB
Transfer

8189 kB
Size

72
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://getneuropure.com/privacy-policy-np
Title: Privacy

Search URL Search Domain Scan URL

URL: https://getneuropure.com/terms-np
Title: Terms

Search URL Search Domain Scan URL

URL: https://getneuropure.com/disclaimer-np
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://getneuropure.com/anti-spam-policy-np
Title: Anti-Spam Policy

Search URL Search Domain Scan URL

URL: https://getneuropure.com/about-us-np
Title: About Us

Search URL Search Domain Scan URL

URL: https://bloodsugarblaster.com/contactw4ajt9jn
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://getneuropure.com/contacts-np
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.paleohacks-mailing.com/a/168/click/9955152/746255798/_62ff2902541c00bf1340adc5f6744993ff0b7aa5/a470b3469ff6cc198b0e4aa5b1fcc4b833dd0183 HTTP 302
https://vitality.go2cloud.org/aff_c?offer_id=12&aff_id=1069&aff_sub=PH42023 HTTP 302
https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://rp.liadm.com/j?dtstmp=1682051285923&aid=a-07go&se=e30&duid=9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0&tna=v2.7.1&pu=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&wpn=lc-bundle&c=PHRpdGxlPk5ldXJvUHVyZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkFsbCBOYXR1cmFsIE5lcnZlIFN1cHBvcnQgU3VwcGxlbWVudCI-PGgxIGNsYXNzPSJuZSBlbEhlYWRsaW5lIGhzU2l6ZTMgbGg0IGVsTWFyZ2luMCBlbEJHU3R5bGUwIGhzVGV4dFNoYWRvdzAiIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGZvbnQtc2l6ZTogMTZweDsiIGRhdGEtYm9sZD0iaW5oZXJpdCIgZGF0YS1ncmFtbT0iZmFsc2UiIGNvbnRlbnRlZGl0YWJsZT0iZmFsc2UiPgogICAgICAgICAgICAgIDxkaXY-PGI-SXMgdGhlIGtleSB0byBlbGltaW5hdGluZyBuZXVyb3BhdGh5IGhpZGRlbiB3aXRoaW4gb24gYSByZW1vdGUgR3JlZWsgSXNsYW5kPzwvYj48L2Rpdj4KICAgICAgICAgICAgPC9oMT48aDEgY2xhc3M9Im5lIGVsSGVhZGxpbmUgaHNTaXplMyBsaDQgZWxNYXJnaW4wIGVsQkdTdHlsZTAgaHNUZXh0U2hhZG93MCIgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsgZm9udC1zaXplOiAyOHB4OyIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGRpdj48Yj5JcyB0aGUga2V5IHRvIGVsaW1pbmF0aW5nIG5ldXJvcGF0aHkgaGlkZGVuIHdpdGhpbiBvbiBhIHJlbW90ZSBHcmVlayBJc2xhbmQ_PC9iPjwvZGl2PgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyBmb250LXNpemU6IDQ2cHg7IiBkYXRhLWJvbGQ9ImluaGVyaXQiIGRhdGEtZ3JhbW09ImZhbHNlIiBjb250ZW50ZWRpdGFibGU9ImZhbHNlIj48Yj5DdXN0b21lciZuYnNwO3Rlc3RpbW9uaWFsczwvYj48L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGI-RkFRPC9iPgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-U2ltcGx5IHNlbGVjdCB3aGljaCBkaXNjb3VudGVkIG9wdGlvbiB5b3Ugd2FudCBiZWxvdyBhbmQgPGI-Y2xpY2sgb24gdGhlCiAgICAgICAgICAgICAgICB5ZWxsb3cg4oCcYWRkIHRvIG9yZGVy4oCdIGJ1dHRvbi48L2I-CiAgICAgICAgICAgIDwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1682051285923&aid=a-07go&se=e30&duid=9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0&tna=v2.7.1&pu=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&wpn=lc-bundle&c=PHRpdGxlPk5ldXJvUHVyZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkFsbCBOYXR1cmFsIE5lcnZlIFN1cHBvcnQgU3VwcGxlbWVudCI-PGgxIGNsYXNzPSJuZSBlbEhlYWRsaW5lIGhzU2l6ZTMgbGg0IGVsTWFyZ2luMCBlbEJHU3R5bGUwIGhzVGV4dFNoYWRvdzAiIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGZvbnQtc2l6ZTogMTZweDsiIGRhdGEtYm9sZD0iaW5oZXJpdCIgZGF0YS1ncmFtbT0iZmFsc2UiIGNvbnRlbnRlZGl0YWJsZT0iZmFsc2UiPgogICAgICAgICAgICAgIDxkaXY-PGI-SXMgdGhlIGtleSB0byBlbGltaW5hdGluZyBuZXVyb3BhdGh5IGhpZGRlbiB3aXRoaW4gb24gYSByZW1vdGUgR3JlZWsgSXNsYW5kPzwvYj48L2Rpdj4KICAgICAgICAgICAgPC9oMT48aDEgY2xhc3M9Im5lIGVsSGVhZGxpbmUgaHNTaXplMyBsaDQgZWxNYXJnaW4wIGVsQkdTdHlsZTAgaHNUZXh0U2hhZG93MCIgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsgZm9udC1zaXplOiAyOHB4OyIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGRpdj48Yj5JcyB0aGUga2V5IHRvIGVsaW1pbmF0aW5nIG5ldXJvcGF0aHkgaGlkZGVuIHdpdGhpbiBvbiBhIHJlbW90ZSBHcmVlayBJc2xhbmQ_PC9iPjwvZGl2PgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyBmb250LXNpemU6IDQ2cHg7IiBkYXRhLWJvbGQ9ImluaGVyaXQiIGRhdGEtZ3JhbW09ImZhbHNlIiBjb250ZW50ZWRpdGFibGU9ImZhbHNlIj48Yj5DdXN0b21lciZuYnNwO3Rlc3RpbW9uaWFsczwvYj48L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGI-RkFRPC9iPgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-U2ltcGx5IHNlbGVjdCB3aGljaCBkaXNjb3VudGVkIG9wdGlvbiB5b3Ugd2FudCBiZWxvdyBhbmQgPGI-Y2xpY2sgb24gdGhlCiAgICAgICAgICAgICAgICB5ZWxsb3cg4oCcYWRkIHRvIG9yZGVy4oCdIGJ1dHRvbi48L2I-CiAgICAgICAgICAgIDwvaDE-&i6=MmEwMzoxYjIwOjY6ZjAxMTo6N2U%3D&n3pc=true

Request Chain 37

https://gum.criteo.com/sid/json?origin=onetag&domain=getneuropure.com&sn=ChromeSyncframe&so=0&topUrl=secure.getneuropure.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=akxihXx2dHdLOWxRSmtRT2w3WW1RRlY3T3BQSEUxWGlwN0lBZkxmYW9kS0wwOUdQQzJaL01wUW82YmVwN09LMldXQlgyamNPTzVrekJ1anNkOEtneWlidDRMY3d3RFExNzJjWjgrb3dwZFlKOXJ1TlNDQjE2b1ZjMWxtUFNSdUljaXg2WkFXVFJoakZxNFNOd1BOUWV3TkdFUTIwdkpFOGY0aVJUc1ZYM0VuWHcwbk9ES2NtZ2d1Z2NOLytSb1pZNk13STNKRVVrbUdoc2NLMmRaZHc1RmdnK0dHa2FBaGZ2ZDNtMzNaRG5uTmcvQ3lPbHppeHZLcEo5ek00MHk1OHJjOXdaRnEyWUVEQW5PakJKbXRtdlFqN3dGdz09fA&cppv=2

Request Chain 47

https://sslwidget.criteo.com/event?a=93796&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2FwVWFlc1lNVVdOamtJRWZqVSUyRkdac1owTlh4bXpESFZ2eEJDJTJGN3dzUFFBNGM5cVdMbk5pSTU3QjE0MTBBdER0SGJCaWdVaWR3dVdIbURRcTFrSlJFbktsclpKbHFCbm1sWVRhUllxb0E5R1RzRTZLU3F5MTk1aVE3WjJCRVFUYU9KOUVEa3pNJTNE&tld=getneuropure.com&dy=1&fu=https%253A%252F%252Fsecure.getneuropure.com%252Findex-vsl-cf%253Faffiliate_id%253D1483639%2526aff_sub%253D10242dc66e151f9afa8adc9df20940%2526aff_sub2%253D%2526nopopup%253Dfalse%2526noautoplay%253Dfalse%2526cookiepreview%253Dfalse%2526utm_source%253D%2526utm_medium%253D%2526utm_campaign%253DPH42023%2526utm_term%253DNeuroPure%252BRevshare_12%2526utm_content%253DPaleo%252BHacks_1069&ceid=2c150ee3-483d-4f3b-bfbc-b59de0249020&dtycbr=65566 HTTP 302
https://widget.us.criteo.com/event?a=93796&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2FwVWFlc1lNVVdOamtJRWZqVSUyRkdac1owTlh4bXpESFZ2eEJDJTJGN3dzUFFBNGM5cVdMbk5pSTU3QjE0MTBBdER0SGJCaWdVaWR3dVdIbURRcTFrSlJFbktsclpKbHFCbm1sWVRhUllxb0E5R1RzRTZLU3F5MTk1aVE3WjJCRVFUYU9KOUVEa3pNJTNE&tld=getneuropure.com&dy=1&fu=https%253A%252F%252Fsecure.getneuropure.com%252Findex-vsl-cf%253Faffiliate_id%253D1483639%2526aff_sub%253D10242dc66e151f9afa8adc9df20940%2526aff_sub2%253D%2526nopopup%253Dfalse%2526noautoplay%253Dfalse%2526cookiepreview%253Dfalse%2526utm_source%253D%2526utm_medium%253D%2526utm_campaign%253DPH42023%2526utm_term%253DNeuroPure%252BRevshare_12%2526utm_content%253DPaleo%252BHacks_1069&ceid=2c150ee3-483d-4f3b-bfbc-b59de0249020&dtycbr=65566

Request Chain 48

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 75

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6165631781684DEEA0E3E65D09A9811C&RedC=c.clarity.ms&MXFR=02925C7C29B66629315E4E862DB668DE HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6165631781684DEEA0E3E65D09A9811C&MUID=3FC3C6612B52620A2434D49B2A396397

Request Chain 76

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-rb_EkGpqf7V8cJEcmGkkN7Y_Rhk3hJe0c0pNEg&google_cm&google_hm=ay1yYl9Fa0dwcWY3VjhjSkVjbUdra043WV9SaGszaEplMGMwcE5FZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rb_EkGpqf7V8cJEcmGkkN7Y_Rhk3hJe0c0pNEg&google_gid=CAESEMh7RBXkbP-o8orm5lschqU&google_cver=1&google_ula=913071,0

Request Chain 78

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3390985317499784633

Request Chain 79

https://secure.adnxs.com/setuid?entity=52&code=k-Ghv6CGpqf7V8cJEcmGkkN7Y_Rhk-i_NqegE7jw HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Ghv6CGpqf7V8cJEcmGkkN7Y_Rhk-i_NqegE7jw

Request Chain 87

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y1l1TGpqf7V8cJEcmGkkN7Y_Rhk17UAvfNUmcg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y1l1TGpqf7V8cJEcmGkkN7Y_Rhk17UAvfNUmcg&verify=true

Request Chain 90

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UpNbvmpqf7V8cJEcmGkkN7Y_RhlSvbpB1ZPYcw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UpNbvmpqf7V8cJEcmGkkN7Y_RhlSvbpB1ZPYcw&C=1

Request Chain 91

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=CrRWv53eTyIgKdfQtYnUBx3LPgG8KwDV HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CrRWv53eTyIgKdfQtYnUBx3LPgG8KwDV

Request Chain 93

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-LnskDmpqf7V8cJEcmGkkN7Y_RhnYg_9JqQvHSQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-LnskDmpqf7V8cJEcmGkkN7Y_RhnYg_9JqQvHSQ

Request Chain 110

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qDvw8DEFv0BV27OCI_c5lMVeKmlfhuU8

Request Chain 112

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2f-2LRh9WpMSNWgaAlKKuiNCfq2tQK5n

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index-vsl-cf Show response
secure.getneuropure.com/
Redirect Chain

https://links.paleohacks-mailing.com/a/168/click/9955152/746255798/_62ff2902541c00bf1340adc5f6744993ff0b7aa5/a470b3469ff6cc198b0e4aa5b1fcc4b833dd0183
https://vitality.go2cloud.org/aff_c?offer_id=12&aff_id=1069&aff_sub=PH42023
https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_cam...

182 KB
19 KB

683ms
603ms

Document
text/html

2606:4700:3035::ac43:a3ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a3ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a84339c7570d519268303bd1494653f3e9a0f3b93819a1d00a0e5a26a25ae8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' cbsplit.com secure.getneuropure.com secure-getneuropure-com.cbsplit.com ;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7bb2e0d158be5cb0-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' cbsplit.com secure.getneuropure.com secure-getneuropure-com.cbsplit.com ;
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 04:28:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfWc9nW%2BUhhc8Uqxm28IpfjR4YwleGiKC%2F70TriIGSRZzBoSbSQv9Ij5sbN9lwawBulZ2ibEPdAHJzFtvoBX7vlqsMjC%2BqrFDL5RvNTGgKklhplrdskl9uRKnbp58frfZV0giiHMF1OJRqwtS5kYmVLxXw%2FS6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 494
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 21 Apr 2023 04:28:04 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 10242dc66e151f9afa8adc9df20940
X-Request-Id: cf6e2bb4dbc780f6a1b1ffe01d37e2fd
X-Robots-Tag: noindex, nofollow

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 60ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://secure.getneuropure.com/
Origin: https://secure.getneuropure.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
x-hw: 1682051285.dop227.am5.t,1682051285.cds136.am5.hn,1682051285.cds273.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 price-with-credit-cards-294-pr.png
secure.getneuropure.com/images/vsl/ 4 KB
5 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:a3ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.getneuropure.com/images/vsl/price-with-credit-cards-294-pr.png
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a3ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6950a660890de2eac6f7292de201567d17d8914d66fb2633f2822782f918bdd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4315
pragma: public
last-modified: Tue, 25 Oct 2022 19:55:04 GMT
server: cloudflare
etag: "63583f18-10db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOkehv%2F3W7UlqeAESJ5TQbPSbWPTdfcs%2Bqm5L28rp1TBGHKYXr6Mz6svImNiRud4JGF73hB5RYzADoEkYrOHvMtO8k5T4Gno7h1Iy6C2KiTGsEIPQsbC8o6KapR4AhjLNaHH%2F1i%2BlT3zs4rUKmtoSLSnuPOl7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7bb2e0d5ecaf5cb0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
928 B 131ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Helvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7COswald%7CLato+sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7COswald%7CLato+sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7COswald%7CLato+sans-serif%7C%7C

Requested by

Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 04:28:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 04:28:05 GMT

GET
H3 200 np-lander.css
secure.getneuropure.com/css/ 425 KB
70 KB 28ms
27ms Stylesheet
text/css 2606:4700:3035::ac43:a3ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.getneuropure.com/css/np-lander.css
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a3ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0739e35a97f0cc15ec554ba0a717981e979d4b4034692ae10efe1d9c4af4b740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 582684
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 01 Mar 2023 19:55:44 GMT
server: cloudflare
etag: W/"63ffadc0-6a510"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jzh4OPYnbL%2B0bxm8JUm2WttQbM9KMXv5CuQpgRKko%2BAnr%2FRSNEJTOPOWfTJh%2BYO0heONX2KsWP0oKmS3pGnPJMweES8j%2Fn4CktRIrXY0i2EFema2NkN%2FSmnrnmPbjmMeZY%2BCm22YyW8dlZA%2F9RRVnvLhCG1DJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 7bb2e0d608e837da-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontFaCheck.css
secure.getneuropure.com/fonts/css/ 655 B
906 B 21ms
21ms Stylesheet
text/css 2606:4700:3035::ac43:a3ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.getneuropure.com/fonts/css/fontFaCheck.css
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a3ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2eea56a8ab02bc9aceb4ce55d14da594b3cc5ab9c04900b909d8e1e6dd4a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2721741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 23 Feb 2022 11:22:24 GMT
server: cloudflare
etag: W/"621618f0-28f"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWQwNqdquKQSCoTHixOEg3GB61YlRQw9d61lVzHu8a2t1fgsB0An4knXfvSPMwayN4S9EGa8Pg8%2FRI0QVZaRPsl028Jo87vsYqfLxK87%2BbJNiOtNDtNg2Q26IE5TSKr5nkAI8WpjjHrNdQSft8li6gq8rWtdjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 7bb2e0d608eb37da-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 visits Show response
secure.getneuropure.com/api/ 556 B
833 B 502ms
501ms Script
application/javascript 2606:4700:3035::ac43:a3ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.getneuropure.com/api/visits?page_id=14&page_version=&request_id=A29E572A%3A4722_D197C0D8%3A01BB_644210D4_59C839%3A10DAF5&querystring=affiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&fbclid=&fbp=&fbc=&referrer=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a3ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7ecca4571bf06437d65302d19400da6eb8f0da74f8ae72d719c89e6ef9be3cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' cbsplit.com secure.getneuropure.com secure-getneuropure-com.cbsplit.com ;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-security-policy: frame-ancestors 'self' cbsplit.com secure.getneuropure.com secure-getneuropure-com.cbsplit.com ;
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5gMivCK3PZHtxPjY1%2FxkMJsB6s%2FcS5xlCITKCsgmHO6IFqBo0Cdjd22yAqO4bdUW%2BDd4eKJRFWvkd3Xgjg3KtJmk6VT9LS9P7UEZGZV1rDpB2nb0rK0nwDP%2F2Zu9%2Fg3K1zN72WqSKXVvl6qMRZP24fLSHbGvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 7bb2e0d608ec37da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 04:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 20
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 06:27:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
60 KB 135ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae7e2667e8ae0943c7bbdeca041071a71a38907d5e9d98741de2235f2d3632c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61396
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 04:28:05 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 144ms
56ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6be17d65576e37de47787cf6bfdce763c02633eb548d342fa6c20c6179d9c0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 21 Apr 2023 04:28:05 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 43ms
42ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=906763810&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&ul=en-us&de=UTF-8&dt=NeuroPure&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=651776794&gjid=1608079773&cid=821354501.1682051286&tid=G-551J33Q7R1&_gid=395768395.1682051286&_r=1&_slc=1&z=1818090589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.getneuropure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.getneuropure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 55ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 21 Apr 2023 04:28:05 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAC8B597A7ED42439AA031669CC2BF7E Ref B: FRAEDGE1115 Ref C: 2023-04-21T04:28:05Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12036

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 30ms
6ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2023 09:41:56 GMT
Server: AkamaiNetStorage
ETag: "838e9c2ec6e148b2af141d9d77d0f660:1680601866.61769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6771
Expires: Fri, 21 Apr 2023 04:48:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10890968454

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e2517ad313de064b3b1ee58a0cb6a8fce751da1ccdc25e8add0c862acca508f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68016
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 04:28:05 GMT

GET
H2 200 a-07go.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 47ms
10ms Script
application/javascript 2600:9000:223c:5400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-07go.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 51bbae96fab17cc2df00e566077713f0c1ce0b5661d23df46f55c7e66efb2fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:20:02 GMT
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 76083
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: HimfeHMVz7Dmir80HGe97ikPiP1Dam1G8Amlp-WVUOdPh0kIxanD_w==

GET
H2 200 / Show response
go.maxweb.com/conversion/iframe/ Frame 6F26 0
358 B 637ms
608ms Document
text/html 2606:4700:3108::ac42:2b71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.maxweb.com/conversion/iframe/?a=7027&token=4f40db3052fb814e9e1f35f0499b164d
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.getneuropure.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=3600 private
cf-cache-status: DYNAMIC
cf-ray: 7bb2e0d78f78bb35-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 04:28:06 GMT
expires: Fri, 21 Apr 2023 05:28:06 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 04:28:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: I4C7XT3hpu1SqW8tbmbznEMsywcaYwcnAXr2FkGsZO5InLMjHLhvSO2YxLrKJub4Ep9GgHxC68UUuxhGnQujJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET dl.js
media.go2app.org/assets/js/ 0
0

GET
H2 200 8kie2pvajy Show response
www.clarity.ms/tag/ 1 KB
1 KB 154ms
104ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8kie2pvajy?ref=gtm2
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1ec20e65cd7bc12af02945d23ad16a6c1dffd775b2c9ea9cdb007d9c2809d7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 21 Apr 2023 04:28:04 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 01RBCZAAAAAAil9zSHmtBRLItVQwKiqKyRlJBMzFFREdFMDQyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 78ms
28ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=%2093796

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4b994dc2f69a59abbdd966414e766753f534a6eec9699cbe3ebf29d97a13d3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK 44843 Show response
cdn.bttrack.com/universal/ 0
294 B 169ms
100ms Script
application/octet-stream 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44843
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:05 GMT
Cache-Control: max-age=900
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0
X-HW: 1682051285.dop218.am5.t,1682051285.cds126.am5.shn,1682051285.dop218.am5.t,1682051285.cds003.am5.p
Content-Type: application/octet-stream

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
79 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93de633bb6826bb68897441e2bdcfeee5a12d029e06d41fb0c6aa00167e28ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 04:28:05 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 596ms
86ms Script
application/javascript 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00004e54d8d3829abd2f80200cca2553b5,00c0aca893dc335e41ac9e74b613e9884b
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:06 GMT
X-TraceId: fa415c8f653edc8eb4c74f6504e84964
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 604ms
89ms Image
image/gif 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=05111800091495491&referrer=&cht=gtm&marketerId=00004e54d8d3829abd2f80200cca2553b5%2C00c0aca893dc335e41ac9e74b613e9884b&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: secure.getneuropure.com
URL: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:06 GMT
Cache-Control: no-cache
X-TraceId: 1e29ffd425804218d1ce959140d683d4
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 508112477603200 Show response
connect.facebook.net/signals/config/ 378 KB
109 KB 360ms
359ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/508112477603200?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85d3d0a43f151dd923452507fb5d09c9b5b9046e56ef7be911f598eef3e1e5eb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 04:28:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 92DC3Eal5JXPZ5SXeKUvzizS7fsMV6Fj4DPeN3AYJ+HF5ydbkfj6UeGWQlLT0xzCdzozAdXSkR3yofpFyghEIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 134632104.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 108ms
108ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134632104.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16882dee478ff69b7a88b892bb436243b28efa8dff0069c0a6ef759082860d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 21 Apr 2023 04:28:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02534A95E3CB41A8B750F85608EFC00D Ref B: FRAEDGE1115 Ref C: 2023-04-21T04:28:05Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1498

GET
H2 204 0
bat.bing.com/action/ 0
285 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134632104&Ver=2&mid=d6930e31-98bb-460d-8fd5-9398a4f24dd6&sid=e94c2a80dffc11ed8f2a7b51546a256f&vid=e94c1070dffc11ed9b282ff5e7da7e50&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NeuroPure&p=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&r=&lt=1683&evt=pageLoad&sv=1&rn=109473

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Apr 2023 04:28:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDC6A3202A8742F9BD48AB8D1A9A85E5 Ref B: FRAEDGE1115 Ref C: 2023-04-21T04:28:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/6f20102c/www-widgetapi.vflset/ 185 KB
62 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b90dc102393e8103382517ce1b5eb5c3517634f8da06bf3c375a90e3ef86de42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63482
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Apr 2024 04:17:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/ 3 KB
2 KB 377ms
50ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1682051285776&cv=11&fst=1682051285776&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&hn=www.googleadservices.com&frm=0&tiba=NeuroPure&auid=165016421.1682051286&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10890968454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de31b9785e093e411dd521fbf3a6ac71bb2f91c83dcce3d9d79c8173208d2596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C742 15 KB
6 KB 45ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure.getneuropure.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=%2093796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure.getneuropure.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:28:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 364815
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 286ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-551J33Q7R1&gtm=45je34j0&_p=906763810&_gaz=1&cid=821354501.1682051286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682051285&sct=1&seg=0&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&dt=NeuroPure&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.getneuropure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 292ms
19ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-551J33Q7R1&cid=821354501.1682051286&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.getneuropure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 316ms
46ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-551J33Q7R1&cid=821354501.1682051286&gtm=45je34j0&aip=1&z=1830668088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 v6yKqF4G7b4 Show response
www.youtube.com/embed/ Frame 2466 73 KB
30 KB 92ms
89ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7994d8ea1da7849ee6d49adf81e3ee255d862d8e397e7297f09c40407a4c13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.getneuropure.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 04:28:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.6/ 56 KB
19 KB 11ms
11ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8kie2pvajy?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:05 GMT
content-encoding: br
last-modified: Thu, 20 Apr 2023 11:24:12 GMT
x-azure-ref-originshield: 016RBZAAAAAComu/hs0gEQYzg8OnMbz+YRlJBMjMxMDUwNDE4MDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB4191C482824C"
x-azure-ref: 01RBCZAAAAAAcETWKBTVKSqvVA1GEOgoSRlJBMzFFREdFMDQyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6bd1cb36-101e-0081-0e9f-738e01000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 134632104 Show response
www.clarity.ms/tag/uet/ 794 B
976 B 101ms
101ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/134632104
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134632104.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e7f36e9ee3e5dd02a2c0f81364c7d706d5ac54d5c6d382cbc4c53a5ffae34cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 21 Apr 2023 04:28:05 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 01RBCZAAAAAAqgviIyYQHSqHhUsB2AR9GRlJBMzFFREdFMDQyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1682051285923&aid=a-07go&se=e30&duid=9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0&tna=v2.7.1&pu=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D14836...
https://rp4.liadm.com/j?dtstmp=1682051285923&aid=a-07go&se=e30&duid=9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0&tna=v2.7.1&pu=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483...

13 B
552 B

468ms
108ms

XHR
application/json

3.216.127.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1682051285923&aid=a-07go&se=e30&duid=9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0&tna=v2.7.1&pu=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&wpn=lc-bundle&c=PHRpdGxlPk5ldXJvUHVyZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkFsbCBOYXR1cmFsIE5lcnZlIFN1cHBvcnQgU3VwcGxlbWVudCI-PGgxIGNsYXNzPSJuZSBlbEhlYWRsaW5lIGhzU2l6ZTMgbGg0IGVsTWFyZ2luMCBlbEJHU3R5bGUwIGhzVGV4dFNoYWRvdzAiIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGZvbnQtc2l6ZTogMTZweDsiIGRhdGEtYm9sZD0iaW5oZXJpdCIgZGF0YS1ncmFtbT0iZmFsc2UiIGNvbnRlbnRlZGl0YWJsZT0iZmFsc2UiPgogICAgICAgICAgICAgIDxkaXY-PGI-SXMgdGhlIGtleSB0byBlbGltaW5hdGluZyBuZXVyb3BhdGh5IGhpZGRlbiB3aXRoaW4gb24gYSByZW1vdGUgR3JlZWsgSXNsYW5kPzwvYj48L2Rpdj4KICAgICAgICAgICAgPC9oMT48aDEgY2xhc3M9Im5lIGVsSGVhZGxpbmUgaHNTaXplMyBsaDQgZWxNYXJnaW4wIGVsQkdTdHlsZTAgaHNUZXh0U2hhZG93MCIgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsgZm9udC1zaXplOiAyOHB4OyIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGRpdj48Yj5JcyB0aGUga2V5IHRvIGVsaW1pbmF0aW5nIG5ldXJvcGF0aHkgaGlkZGVuIHdpdGhpbiBvbiBhIHJlbW90ZSBHcmVlayBJc2xhbmQ_PC9iPjwvZGl2PgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyBmb250LXNpemU6IDQ2cHg7IiBkYXRhLWJvbGQ9ImluaGVyaXQiIGRhdGEtZ3JhbW09ImZhbHNlIiBjb250ZW50ZWRpdGFibGU9ImZhbHNlIj48Yj5DdXN0b21lciZuYnNwO3Rlc3RpbW9uaWFsczwvYj48L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGI-RkFRPC9iPgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-U2ltcGx5IHNlbGVjdCB3aGljaCBkaXNjb3VudGVkIG9wdGlvbiB5b3Ugd2FudCBiZWxvdyBhbmQgPGI-Y2xpY2sgb24gdGhlCiAgICAgICAgICAgICAgICB5ZWxsb3cg4oCcYWRkIHRvIG9yZGVy4oCdIGJ1dHRvbi48L2I-CiAgICAgICAgICAgIDwvaDE-&i6=MmEwMzoxYjIwOjY6ZjAxMTo6N2U%3D&n3pc=true

Requested by

Protocol

Server

3.216.127.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-127-149.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:06 GMT
x-pixel-event-id: caa195fa-630a-4817-ad23-bf732fd8a36f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 1
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: eea512f89685b1d7
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 21 Apr 2023 04:28:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1682051285923&aid=a-07go&se=e30&duid=9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0&tna=v2.7.1&pu=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&wpn=lc-bundle&c=PHRpdGxlPk5ldXJvUHVyZTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkFsbCBOYXR1cmFsIE5lcnZlIFN1cHBvcnQgU3VwcGxlbWVudCI-PGgxIGNsYXNzPSJuZSBlbEhlYWRsaW5lIGhzU2l6ZTMgbGg0IGVsTWFyZ2luMCBlbEJHU3R5bGUwIGhzVGV4dFNoYWRvdzAiIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGZvbnQtc2l6ZTogMTZweDsiIGRhdGEtYm9sZD0iaW5oZXJpdCIgZGF0YS1ncmFtbT0iZmFsc2UiIGNvbnRlbnRlZGl0YWJsZT0iZmFsc2UiPgogICAgICAgICAgICAgIDxkaXY-PGI-SXMgdGhlIGtleSB0byBlbGltaW5hdGluZyBuZXVyb3BhdGh5IGhpZGRlbiB3aXRoaW4gb24gYSByZW1vdGUgR3JlZWsgSXNsYW5kPzwvYj48L2Rpdj4KICAgICAgICAgICAgPC9oMT48aDEgY2xhc3M9Im5lIGVsSGVhZGxpbmUgaHNTaXplMyBsaDQgZWxNYXJnaW4wIGVsQkdTdHlsZTAgaHNUZXh0U2hhZG93MCIgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsgZm9udC1zaXplOiAyOHB4OyIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGRpdj48Yj5JcyB0aGUga2V5IHRvIGVsaW1pbmF0aW5nIG5ldXJvcGF0aHkgaGlkZGVuIHdpdGhpbiBvbiBhIHJlbW90ZSBHcmVlayBJc2xhbmQ_PC9iPjwvZGl2PgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyBmb250LXNpemU6IDQ2cHg7IiBkYXRhLWJvbGQ9ImluaGVyaXQiIGRhdGEtZ3JhbW09ImZhbHNlIiBjb250ZW50ZWRpdGFibGU9ImZhbHNlIj48Yj5DdXN0b21lciZuYnNwO3Rlc3RpbW9uaWFsczwvYj48L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-CiAgICAgICAgICAgICAgPGI-RkFRPC9iPgogICAgICAgICAgICA8L2gxPjxoMSBjbGFzcz0ibmUgZWxIZWFkbGluZSBoc1NpemUzIGxoNCBlbE1hcmdpbjAgZWxCR1N0eWxlMCBoc1RleHRTaGFkb3cwIiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyO2ZvbnQtc2l6ZTogMzJweCIgZGF0YS1ib2xkPSJpbmhlcml0IiBkYXRhLWdyYW1tPSJmYWxzZSIgY29udGVudGVkaXRhYmxlPSJmYWxzZSI-U2ltcGx5IHNlbGVjdCB3aGljaCBkaXNjb3VudGVkIG9wdGlvbiB5b3Ugd2FudCBiZWxvdyBhbmQgPGI-Y2xpY2sgb24gdGhlCiAgICAgICAgICAgICAgICB5ZWxsb3cg4oCcYWRkIHRvIG9yZGVy4oCdIGJ1dHRvbi48L2I-CiAgICAgICAgICAgIDwvaDE-&i6=MmEwMzoxYjIwOjY6ZjAxMTo6N2U%3D&n3pc=true
access-control-allow-origin: https://secure.getneuropure.com
request-time: 0
access-control-allow-credentials: true
trace-id: cd8e3b661ab60f79
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 40ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=508112477603200&ev=PageView&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&rl=&if=false&ts=1682051286119&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682051286111.763744575&it=1682051285709&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Apr 2023 04:28:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame C742
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=getneuropure.com&sn=ChromeSyncframe&so=0&topUrl=secure.getneuropure.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=akxihXx2dHdLOWxRSmtRT2w3WW1RRlY3T3BQSEUxWGlwN0lBZkxmYW9kS0wwOUdQQzJaL01wUW82YmVwN09LMldXQlgyamNPTzVrekJ1anNkOEtneWlidDRMY3d3RFExNzJjWjgrb3dwZFlKOXJ1TlNDQjE2b1ZjMWxtUF...

446 B
683 B

216ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=akxihXx2dHdLOWxRSmtRT2w3WW1RRlY3T3BQSEUxWGlwN0lBZkxmYW9kS0wwOUdQQzJaL01wUW82YmVwN09LMldXQlgyamNPTzVrekJ1anNkOEtneWlidDRMY3d3RFExNzJjWjgrb3dwZFlKOXJ1TlNDQjE2b1ZjMWxtUFNSdUljaXg2WkFXVFJoakZxNFNOd1BOUWV3TkdFUTIwdkpFOGY0aVJUc1ZYM0VuWHcwbk9ES2NtZ2d1Z2NOLytSb1pZNk13STNKRVVrbUdoc2NLMmRaZHc1RmdnK0dHa2FBaGZ2ZDNtMzNaRG5uTmcvQ3lPbHppeHZLcEo5ek00MHk1OHJjOXdaRnEyWUVEQW5PakJKbXRtdlFqN3dGdz09fA&cppv=2

Requested by

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d7ca352d604c078984cc88c0803ac5e68310e0a698655efe4d2eac5f0f33e773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1225144
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=akxihXx2dHdLOWxRSmtRT2w3WW1RRlY3T3BQSEUxWGlwN0lBZkxmYW9kS0wwOUdQQzJaL01wUW82YmVwN09LMldXQlgyamNPTzVrekJ1anNkOEtneWlidDRMY3d3RFExNzJjWjgrb3dwZFlKOXJ1TlNDQjE2b1ZjMWxtUFNSdUljaXg2WkFXVFJoakZxNFNOd1BOUWV3TkdFUTIwdkpFOGY0aVJUc1ZYM0VuWHcwbk9ES2NtZ2d1Z2NOLytSb1pZNk13STNKRVVrbUdoc2NLMmRaZHc1RmdnK0dHa2FBaGZ2ZDNtMzNaRG5uTmcvQ3lPbHppeHZLcEo5ek00MHk1OHJjOXdaRnEyWUVEQW5PakJKbXRtdlFqN3dGdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 333255
content-length: 0
expires: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/6f20102c/ Frame 2466 400 KB
51 KB 35ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20862e9e9f70e55cde5f2f2b2763200ba9af3e2133762a18cd3ff8c17384175b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 00:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52064
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Apr 2024 00:04:10 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10890968454/ 42 B
455 B 227ms
48ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10890968454/?random=1682051285776&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&frm=0&tiba=NeuroPure&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3265583848&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10890968454/ 42 B
154 B 47ms
46ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10890968454/?random=1682051285776&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&frm=0&tiba=NeuroPure&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3265583848&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2466 15 KB
16 KB 213ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:13:19 GMT
x-content-type-options: nosniff
age: 62087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 11:13:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2466 15 KB
15 KB 221ms
44ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:09:16 GMT
x-content-type-options: nosniff
age: 152330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 10:09:16 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/6f20102c/www-embed-player.vflset/ Frame 2466 349 KB
108 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cd97dd33390bc5e9f3c79f3ffa5f78671ac8d833c1b5cd311c456bb7b2c993d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111029
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Apr 2024 02:48:05 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/ Frame 2466 2 MB
622 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a0e07c34edf78fbdda6eb9153eb257516bf694a30723fd6a27a81c8463c39bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 636751
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Apr 2024 05:40:42 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6f20102c/fetch-polyfill.vflset/ Frame 2466 9 KB
3 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Apr 2024 04:10:35 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
303 B 399ms
196ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.getneuropure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.getneuropure.com
Date: Fri, 21 Apr 2023 04:28:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=93796&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2...
https://widget.us.criteo.com/event?a=93796&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2...

8 KB
4 KB

454ms
104ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=93796&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2FwVWFlc1lNVVdOamtJRWZqVSUyRkdac1owTlh4bXpESFZ2eEJDJTJGN3dzUFFBNGM5cVdMbk5pSTU3QjE0MTBBdER0SGJCaWdVaWR3dVdIbURRcTFrSlJFbktsclpKbHFCbm1sWVRhUllxb0E5R1RzRTZLU3F5MTk1aVE3WjJCRVFUYU9KOUVEa3pNJTNE&tld=getneuropure.com&dy=1&fu=https%253A%252F%252Fsecure.getneuropure.com%252Findex-vsl-cf%253Faffiliate_id%253D1483639%2526aff_sub%253D10242dc66e151f9afa8adc9df20940%2526aff_sub2%253D%2526nopopup%253Dfalse%2526noautoplay%253Dfalse%2526cookiepreview%253Dfalse%2526utm_source%253D%2526utm_medium%253D%2526utm_campaign%253DPH42023%2526utm_term%253DNeuroPure%252BRevshare_12%2526utm_content%253DPaleo%252BHacks_1069&ceid=2c150ee3-483d-4f3b-bfbc-b59de0249020&dtycbr=65566

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c9b8c892c11f684f41c32313f6d3525c398bca84763c9a3e0edc3a453ce9c38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12449343
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=93796&v=5.15.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p2=e%3Ddis&adce=1&bundle=6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2FwVWFlc1lNVVdOamtJRWZqVSUyRkdac1owTlh4bXpESFZ2eEJDJTJGN3dzUFFBNGM5cVdMbk5pSTU3QjE0MTBBdER0SGJCaWdVaWR3dVdIbURRcTFrSlJFbktsclpKbHFCbm1sWVRhUllxb0E5R1RzRTZLU3F5MTk1aVE3WjJCRVFUYU9KOUVEa3pNJTNE&tld=getneuropure.com&dy=1&fu=https%253A%252F%252Fsecure.getneuropure.com%252Findex-vsl-cf%253Faffiliate_id%253D1483639%2526aff_sub%253D10242dc66e151f9afa8adc9df20940%2526aff_sub2%253D%2526nopopup%253Dfalse%2526noautoplay%253Dfalse%2526cookiepreview%253Dfalse%2526utm_source%253D%2526utm_medium%253D%2526utm_campaign%253DPH42023%2526utm_term%253DNeuroPure%252BRevshare_12%2526utm_content%253DPaleo%252BHacks_1069&ceid=2c150ee3-483d-4f3b-bfbc-b59de0249020&dtycbr=65566
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2665771
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2466
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
45ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3f0c91867c407d56bb00bb8106835128b939a70dbd0cc1b968964c2a6e5e5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 04:28:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2466 29 B
494 B 115ms
35ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:27:45 GMT
x-content-type-options: nosniff
age: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 04:42:45 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 132ms
46ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 21 Apr 2023 04:28:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2466 66 KB
30 KB 55ms
54ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57753f9fe12cdafcc264617bcb28525971070916e88408ae2964238cd7035bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30850
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 2466 70 KB
24 KB 110ms
110ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

60a199860784d21f7f7a21d0ccbd343545308ac60a6dd8f3dc53d886e7170e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230416.00.00
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D

Response headers

date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24257
x-xss-protection: 0
expires: Fri, 21 Apr 2023 04:28:06 GMT

GET
H2 200 8UE1alQR35UAvwuJtt-44LfpSpEBrl7CDo1Hk3uXWyY.js Show response
www.google.com/js/th/ Frame 2466 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8UE1alQR35UAvwuJtt-44LfpSpEBrl7CDo1Hk3uXWyY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f141356a5411df9500bf0b89b6dfb8e0b7e94a9101ae5ec20e8d47937b975b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 03:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 177537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14239
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 03:09:09 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/ Frame 2466 29 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38609092b772a10fde841c0c538fdc49ba2492b93f813c964977fe27c438a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 10:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9023
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Apr 2024 10:30:39 GMT

GET
DATA 200
OK truncated
/ Frame 2466 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqMEyaZ1ZrIirOFjDGVsIb_ucvEtvKxueZvKehv3NpG5DFA4PYcEgVz34Pegr2uV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2466 963 B
1 KB 263ms
38ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqMEyaZ1ZrIirOFjDGVsIb_ucvEtvKxueZvKehv3NpG5DFA4PYcEgVz34Pegr2uV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fdb2d9d92420d1c6d74863decf7d9912d177bbc66da8e0171d21a7db2afe012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:47:33 GMT
x-content-type-options: nosniff
server: fife
age: 9633
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 963
x-xss-protection: 0
expires: Sat, 22 Apr 2023 01:47:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=508112477603200&ev=Microdata&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&rl=&if=false&ts=1682051286705&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NeuroPure%22%2C%22meta%3Adescription%22%3A%22All%20Natural%20Nerve%20Support%20Supplement%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682051286111.763744575&it=1682051285709&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Apr 2023 04:28:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/ 3 KB
1 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10890968454/?random=1682051286713&cv=11&fst=1682051286713&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&hn=www.googleadservices.com&frm=0&tiba=NeuroPure&auid=165016421.1682051286&uamb=0&uaw=0&data=event%3DClarity%3BeventCategory%3DClarity%3BeventAction%3D1nhvdgs%3BnonInteraction%3Dtrue%3Bclaritydimension%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kie2pvajy%2Fq90747%2F1nhvdgs&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10890968454

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75110fbb0b8ea4a5b17fb9e109b6ca4426a6cbf93ecd25296d5de851be1e36cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1432
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 2466 0
19 B 43ms
43ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=OkOcygqSwtmsvQkj&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24405913%2C24415864%2C24439361%2C24443595%2C24451437%2C24460285%2C24462372%2C24468617%2C24468691%2C24499116%2C24499792%2C24516157%2C24539776%2C24551145%2C39323074&cl=524526076&seq=1&docid=v6yKqF4G7b4&ei=1hBCZIP1Jcepx_AP7Oe86AI&event=streamingstats&plid=AAX50RVvSMg97nPz&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fv6yKqF4G7b4%3Fiv_load_policy%3D3%26showinfo%3D0%26widget_referrer%3D0%26disablekb%3D0%26controls%3D0%26modestbranding%3D0%26cc_load_policy%3D0%26enablejsapi%3D1%26version%3D3%26fs%3D0%26playsinline%3D0%26rel%3D0%26autoplay%3D1%26origin%3Dhttps%253A%252F%252Fsecure.getneuropure.com%26widgetid%3D1&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230416.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.012:B,0.169:B,0.169:B&cmt=0.012:0.000,0.169:0.000&afs=0.169:251::i&vfs=0.169:244:244::r&view=0.169:1100:557&bwe=0.169:130000&bat=0.169:1:1&vis=0.169:0&bh=0.169:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286491&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1100%2C557&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 219 KB
220 KB 113ms
16ms Fetch
video/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=video%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=118481003&dur=4409.738&lmt=1639867398471982&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgY-A5BSX6INA4uifpDG3jDAvKuIXmKkv20Tu1ry3NP0kCIQDN5foUMt6JtQCn3R1FFmfvo3h47N0Dfxg5pCNANEUR7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=0-224557&rn=1&rbuf=0&pot=IihXL1csM21H-RRII1sNRTt4NEUVWRpFM2cEfD14OHY-RhVIchwTCmRr

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

30f5e928e1c8f2ed3f3b54e6742c8fe393b0bc4c63634cc558e138cb5a945e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:06 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 224558
Last-Modified: Sat, 18 Dec 2021 22:43:18 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 21 Apr 2023 04:28:06 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 72 KB
73 KB 111ms
15ms Fetch
audio/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=251&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=audio%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=67808703&dur=4409.761&lmt=1639863260946874&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgEPdT7WJ9a9WnFulHjerYIaivKX1uvxyRuaJXx_GlJlwCIQDrDS6GyTVdh_LmwTaWQjLkygsO6QtPpf_hjyxP-cNFZw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=0-73628&rn=2&rbuf=0&pot=IigjoiOhR-AzdGDFV9Z5yE_1QMhh1G7IR-pw8Un1TPtKy2HFBpFnhxDm

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

07e340156e5e8ba42fce81869401b39ba24ae093df06036ab97694ee9d056a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:06 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 73629
Last-Modified: Sat, 18 Dec 2021 21:34:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 21 Apr 2023 04:28:06 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/ Frame 2466 69 KB
26 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c671e65bcee653e77ab99316da0bfe3a55755471ab333df4e54dba4bac35817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26086
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Apr 2024 05:37:45 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/ Frame 2466 33 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d6609ab1c7a85193fafbada760076c2af24f05d1624df08e9b0b2d134c1f12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:14:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Apr 2024 07:10:58 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 2466 7 KB
2 KB 174ms
174ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ac6ad777c2135167908c363464b592bee378cf9742104e5b95bc107986131ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230416.00.00
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2208
x-xss-protection: 0
expires: Fri, 21 Apr 2023 04:28:07 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2466 90 B
134 B 49ms
48ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48a6621f52f54b3bb4833067d78aeb3d365bcc129ab63360c798ebe611bb1016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 43ms
43ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 21 Apr 2023 04:28:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/v6yKqF4G7b4/ Frame 2466 80 KB
80 KB 138ms
49ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/v6yKqF4G7b4/maxresdefault.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511a7505781bb197ee36fbafdfbbcf37a9481854faa818449096d3ab2b109dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81624
x-xss-protection: 0
server: sffe
etag: "1632885542"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Apr 2023 06:28:07 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2466 0
10 B 35ms
34ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?aJ0nUw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10890968454/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10890968454/?random=1682051286713&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&frm=0&tiba=NeuroPure&data=event%3DClarity%3BeventCategory%3DClarity%3BeventAction%3D1nhvdgs%3BnonInteraction%3Dtrue%3Bclaritydimension%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kie2pvajy%2Fq90747%2F1nhvdgs&fmt=3&is_vtc=1&random=337178339&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10890968454/ 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10890968454/?random=1682051286713&cv=11&fst=1682049600000&bg=ffffff&guid=ON&async=1&gtm=45be34j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&frm=0&tiba=NeuroPure&data=event%3DClarity%3BeventCategory%3DClarity%3BeventAction%3D1nhvdgs%3BnonInteraction%3Dtrue%3Bclaritydimension%3Dhttps%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kie2pvajy%2Fq90747%2F1nhvdgs&fmt=3&is_vtc=1&random=337178339&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 231 KB
231 KB 31ms
15ms Fetch
video/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=video%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=118481003&dur=4409.738&lmt=1639867398471982&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgY-A5BSX6INA4uifpDG3jDAvKuIXmKkv20Tu1ry3NP0kCIQDN5foUMt6JtQCn3R1FFmfvo3h47N0Dfxg5pCNANEUR7A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=224558-461223&rn=3&rbuf=4025&pot=Iih2S3ZNEglmnDUsAj8sIRocFSE0PTshEgMlGBwcGRIfIjQsU3gybkUP

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

211ef84cff67192e21765601cd29d1b5e210d331ff785ca89b025437c6b9d23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 21 Apr 2023 04:28:07 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236666
last-modified: Sat, 18 Dec 2021 22:43:18 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 21 Apr 2023 04:28:07 GMT

GET
H2 200 AGIKgqMEyaZ1ZrIirOFjDGVsIb_ucvEtvKxueZvKehv3NpG5DFA4PYcEgVz34Pegr2uV=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2466 1 KB
1 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqMEyaZ1ZrIirOFjDGVsIb_ucvEtvKxueZvKehv3NpG5DFA4PYcEgVz34Pegr2uV=s88-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49120c0354de24e079ff8c8a057f6c0612fbfe8fba47e4323a1bf5e6e16a2aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:08:29 GMT
x-content-type-options: nosniff
server: fife
age: 1178
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
expires: Sat, 22 Apr 2023 04:08:29 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2466 28 B
54 B 50ms
47ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Goog-Request-Time: 1682051287125
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286370&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1100%2C557&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 21 Apr 2023 04:28:07 GMT

POST
H3 200 videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 105 KB
105 KB 14ms
14ms Fetch
audio/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=251&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=audio%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=67808703&dur=4409.761&lmt=1639863260946874&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgEPdT7WJ9a9WnFulHjerYIaivKX1uvxyRuaJXx_GlJlwCIQDrDS6GyTVdh_LmwTaWQjLkygsO6QtPpf_hjyxP-cNFZw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=73629-180766&rn=4&rbuf=6181&pot=MmROuok3iYddRk6CtRZA9ake8TRBwyPGTk4PxJuafk2ugurm1ZZdZAYwEGCGueqxfjlIanDRfnJFrNR-OXEk1CKywQ5LLX2ytc058OGF2TMi7aq9AzcSMwb8IqrTEWwgDSuCcJjz

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d13617f9abd1dce996b16c3d63b07d22203f7e46916d3d3e2abce13f1df22f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 21 Apr 2023 04:28:07 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107138
last-modified: Sat, 18 Dec 2021 21:34:20 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 21 Apr 2023 04:28:07 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6165631781684DEEA0E3E65D09A9811C&RedC=c.clarity.ms&MXFR=02925C7C29B66629315E4E862DB668DE
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6165631781684DEEA0E3E65D09A9811C&MUID=3FC3C6612B52620A2434D49B2A396397

42 B
442 B

29ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6165631781684DEEA0E3E65D09A9811C&MUID=3FC3C6612B52620A2434D49B2A396397
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
server: Microsoft-IIS/10.0
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D7AA9CA75DA4938BD7DE6017CDE1141 Ref B: FRAEDGE1115 Ref C: 2023-04-21T04:28:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6165631781684DEEA0E3E65D09A9811C&MUID=3FC3C6612B52620A2434D49B2A396397
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame B802
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30

43 B
344 B

10ms
10ms

Image
image/gif

18.194.221.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30
Protocol: H2
Server: 18.194.221.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-221-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MXl252pqf7V8cJEcmGkkN7Y_Rhli2OLaFSn0Vg&expires=30
date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B802
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-rb_EkGpqf7V8cJEcmGkkN7Y_Rhk3hJe0c0pNEg&google_cm&google_hm=ay1yYl9Fa0dwcWY3VjhjSkVjbUdra043WV9SaGszaEplM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rb_EkGpqf7V8cJEcmGkkN7Y_Rhk3hJe0c0pNEg&google_gid=CAESEMh7RBXkbP-o8orm5lschqU&google_cver=1&google_ula=913071,0

43 B
369 B

17ms
16ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rb_EkGpqf7V8cJEcmGkkN7Y_Rhk3hJe0c0pNEg&google_gid=CAESEMh7RBXkbP-o8orm5lschqU&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 694990
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rb_EkGpqf7V8cJEcmGkkN7Y_Rhk3hJe0c0pNEg&google_gid=CAESEMh7RBXkbP-o8orm5lschqU&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B802
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3390985317499784633

43 B
369 B

31ms
16ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3390985317499784633

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 972158
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 04:28:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.196; 185.213.155.196; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ab44095d-41c2-4509-b46e-f6d509fb412b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3390985317499784633
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame B802
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-Ghv6CGpqf7V8cJEcmGkkN7Y_Rhk-i_NqegE7jw
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Ghv6CGpqf7V8cJEcmGkkN7Y_Rhk-i_NqegE7jw

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Ghv6CGpqf7V8cJEcmGkkN7Y_Rhk-i_NqegE7jw

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:28:07 GMT
AN-X-Request-Uuid: 8f1f08a0-a481-4d66-8a94-fa543a63afef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.196; 185.213.155.196; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:28:07 GMT
AN-X-Request-Uuid: 2830c650-b93e-491f-ae97-a32523114f1b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Ghv6CGpqf7V8cJEcmGkkN7Y_Rhk-i_NqegE7jw
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.196; 185.213.155.196; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B802 61 B
802 B 108ms
30ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-7Y2MBmpqf7V8cJEcmGkkN7Y_RhnSuIFpv7LglQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 04:28:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Fri, 21 Apr 2023 04:28:07 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B802 0
239 B 91ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-5luRCGpqf7V8cJEcmGkkN7Y_RhmL8_Kj9Vbb3A&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame B802 0
363 B 78ms
7ms Image
text/plain 18.159.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-SIPtMWpqf7V8cJEcmGkkN7Y_RhkfXD4UrU4cAw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.43.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-43-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame B802 43 B
114 B 99ms
16ms Image
image/gif 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ePquLWpqf7V8cJEcmGkkN7Y_Rhk4NmSfeSeQ7A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B802 0
99 B 88ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-yz_5empqf7V8cJEcmGkkN7Y_RhkPPPM3u8vDzA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13392

GET
H2 200 um
criteo-sync.teads.tv/ Frame B802 23 B
172 B 79ms
34ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-gM_5Xmpqf7V8cJEcmGkkN7Y_Rhl_4oXWo3tOJw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 21 Apr 2023 04:28:07 GMT
pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B802 37 B
140 B 34ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-DAjLlmpqf7V8cJEcmGkkN7Y_Rhn5bzo_YIeQww&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame B802
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y1l1TGpqf7V8cJEcmGkkN7Y_Rhk17UAvfNUmcg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y1l1TGpqf7V8cJEcmGkkN7Y_Rhk17UAvfNUmcg&verify=true

0
121 B

10ms
10ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y1l1TGpqf7V8cJEcmGkkN7Y_Rhk17UAvfNUmcg&verify=true

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-y1l1TGpqf7V8cJEcmGkkN7Y_Rhk17UAvfNUmcg&verify=true
date: Fri, 21 Apr 2023 04:28:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame B802 43 B
162 B 87ms
20ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ucjRFmpqf7V8cJEcmGkkN7Y_Rhlw2TA6WxCuxg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
last-modified: Wed, 10 Apr 2019 10:06:26 GMT
server: nginx
accept-ranges: bytes
etag: "5cadc022-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B802 49 B
235 B 60ms
19ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-F_W8NWpqf7V8cJEcmGkkN7Y_RhmkPn4ZCTadUw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:06 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame B802
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UpNbvmpqf7V8cJEcmGkkN7Y_RhlSvbpB1ZPYcw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UpNbvmpqf7V8cJEcmGkkN7Y_RhlSvbpB1ZPYcw&C=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UpNbvmpqf7V8cJEcmGkkN7Y_RhlSvbpB1ZPYcw&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:28:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:28:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-UpNbvmpqf7V8cJEcmGkkN7Y_RhlSvbpB1ZPYcw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame B802
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=CrRWv53eTyIgKdfQtYnUBx3LPgG8KwDV
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CrRWv53eTyIgKdfQtYnUBx3LPgG8KwDV

42 B
942 B

32ms
31ms

Image
image/gif

54.228.21.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CrRWv53eTyIgKdfQtYnUBx3LPgG8KwDV

Protocol

HTTP/1.1

Server

54.228.21.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-21-106.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v047-0c1a5bb75.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Guy8oIfdQMI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v047-0e3229e71.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DBw/Wd3PQbg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=CrRWv53eTyIgKdfQtYnUBx3LPgG8KwDV
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame B802 43 B
1 KB 93ms
27ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-y2TekWpqf7V8cJEcmGkkN7Y_RhlKKeSDwaHZ7Q

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 21 Apr 2023 04:28:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame B802
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-LnskDmpqf7V8cJEcmGkkN7Y_RhnYg_9JqQvHSQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-LnskDmpqf7V8cJEcmGkkN7Y_RhnYg_9JqQvHSQ

43 B
448 B

35ms
34ms

Image
image/gif

34.251.27.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-LnskDmpqf7V8cJEcmGkkN7Y_RhnYg_9JqQvHSQ
Protocol: H2
Server: 34.251.27.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-27-114.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:28:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-LnskDmpqf7V8cJEcmGkkN7Y_RhnYg_9JqQvHSQ
access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:28:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame B802 42 B
274 B 58ms
19ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-UpGpb2pqf7V8cJEcmGkkN7Y_Rhm9cjSpe62qqQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:06 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B802 0
884 B 41ms
10ms Image
text/html 18.197.201.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-H1djJ2pqf7V8cJEcmGkkN7Y_RhnPRL2Z9m-bDw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.201.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-201-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B802 0
145 B 504ms
90ms Image
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-tEAwHWpqf7V8cJEcmGkkN7Y_RhlSE3eQoMFDjQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 04:28:07 GMT
Cache-Control: no-cache
X-TraceId: ae8c7e7b0036a13b60e5157086f413f5
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B802 42 B
580 B 74ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-M317mmpqf7V8cJEcmGkkN7Y_RhnKVsZJL9aJRw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Apr 2023 04:28:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B802 43 B
399 B 419ms
103ms Image
image/gif 2600:1f18:612b:4264:2609:a049:6938:c784
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-NyEMaWpqf7V8cJEcmGkkN7Y_RhlkKPamnYwkjw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:2609:a049:6938:c784 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 21 Apr 2023 04:28:07 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame B802 43 B
153 B 72ms
27ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-bohh-Wpqf7V8cJEcmGkkN7Y_RhmowApCLGm13Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 04:28:07 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame B802 0
400 B 39ms
15ms Image
text/plain 104.109.73.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-v6eLOmpqf7V8cJEcmGkkN7Y_RhkPXpSa6opU_Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.73.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-73-198.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 04:28:07 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 20 Apr 2023 04:28:07 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B802 0
38 B 121ms
30ms Image
text/plain 52.212.150.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-gtNiG2pqf7V8cJEcmGkkN7Y_RhnO22K0dZgNJA&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.150.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-150-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
content-length: 0

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 2466 0
18 B 44ms
43ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=OkOcygqSwtmsvQkj&ver=2&cmt=0.048&fmt=244&fs=0&rt=0.607&euri=https%3A%2F%2Fsecure.getneuropure.com%2F&lact=647&cl=524526076&mos=1&volume=0&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230416.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=4409.761&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24405913%2C24415864%2C24439361%2C24443595%2C24451437%2C24460285%2C24462372%2C24468617%2C24468691%2C24499116%2C24499792%2C24516157%2C24539776%2C24551145%2C39323074&rtn=9&afmt=251&size=1100%3A557&inview=0&muted=1&docid=v6yKqF4G7b4&ei=1hBCZIP1Jcepx_AP7Oe86AI&plid=AAX50RVvSMg97nPz&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fv6yKqF4G7b4%3Fiv_load_policy%3D3%26showinfo%3D0%26widget_referrer%3D0%26disablekb%3D0%26controls%3D0%26modestbranding%3D0%26cc_load_policy%3D0%26enablejsapi%3D1%26version%3D3%26fs%3D0%26playsinline%3D0%26rel%3D0%26autoplay%3D1%26origin%3Dhttps%253A%252F%252Fsecure.getneuropure.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBTE03ZXZMYzhueDNGdV9PV3J1Q0tqRTF1WTY0THBxaDBPeVd3NkhxOHYxTGJ4dGJkd2JTQVBta0tETFRjc0YzMHlLNlNyMXdWTlNPUnZVZzhCb0Ztc3oydm9ZLTB4N28zcXkxV2RKUHZLb1I1bUFJOTUwUkxkaXM0YWFjVTB0STVSV1dhdjhoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286491&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1100%2C557&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 2466 0
20 B 44ms
43ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=v6yKqF4G7b4&cpn=OkOcygqSwtmsvQkj&ei=1hBCZIP1Jcepx_AP7Oe86AI&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286491&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1100%2C557&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 click-sound.gif
secure.getneuropure.com/images/vsl/ 11 KB
11 KB 21ms
20ms Image
image/gif 2606:4700:3035::ac43:a3ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.getneuropure.com/images/vsl/click-sound.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a3ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c692adee7a59ef1e8daf72557ecf2123c30c45a0512c98b64c389ad12586617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344439
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11037
pragma: public
last-modified: Tue, 14 Dec 2021 18:01:07 GMT
server: cloudflare
etag: "61b8dbe3-2b1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BCQRNan4G1o9zTyeYv8CZO%2BdhYpvmeajSAWsR33KvinTnOZzzaGTup1w%2Bp%2FXI4%2B0v0kdvoJs7pCQFDf6D6WXzKLKEQOR6%2Fw20CfuLwO%2B4TVwBckiKq4xd3FPYAUa0EiDnYUVceIlmGFVrKfevgxdFftbFhpWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7bb2e0e11b5037da-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-551J33Q7R1&gtm=45je34j0&_p=906763810&cid=821354501.1682051286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1682051285&sct=1&seg=0&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&dt=NeuroPure&en=Clarity&_ee=1&ep.eventCategory=Clarity&ep.eventAction=1nhvdgs&ep.nonInteraction=true&ep.claritydimension=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F8kie2pvajy%2Fq90747%2F1nhvdgs&_et=880
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.getneuropure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 15 KB
15 KB 37ms
36ms Fetch
video/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=video%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=205075196&dur=4409.738&lmt=1639867984944435&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMMljplxO-1OI7GjTAvuNrERgihBLtt-OwjhxOiRq3_gAiEA2youC6fjMZrRmeiCsiZ2AwfOmKJvzUNU29BA4vMjVSM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=0-15366&rn=5&rbuf=0&pot=MmROuok3iYddRk6CtRZA9ake8TRBwyPGTk4PxJuafk2ugurm1ZZdZAYwEGCGueqxfjlIanDRfnJFrNR-OXEk1CKywQ5LLX2ytc058OGF2TMi7aq9AzcSMwb8IqrTEWwgDSuCcJjz

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3c841987ce886438e29c3a2581cc0404b4b350dd354807159f714385e7f12077

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 21 Apr 2023 04:28:07 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15367
last-modified: Sat, 18 Dec 2021 22:53:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 21 Apr 2023 04:28:07 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2466 28 B
54 B 51ms
47ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Goog-Request-Time: 1682051287237
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286370&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1530%2C775&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 21 Apr 2023 04:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 21 Apr 2023 04:28:07 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 2466 0
20 B 44ms
43ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=OkOcygqSwtmsvQkj&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24405913%2C24415864%2C24439361%2C24443595%2C24451437%2C24460285%2C24462372%2C24468617%2C24468691%2C24499116%2C24499792%2C24516157%2C24539776%2C24551145%2C39323074&cl=524526076&seq=2&docid=v6yKqF4G7b4&ei=1hBCZIP1Jcepx_AP7Oe86AI&event=streamingstats&plid=AAX50RVvSMg97nPz&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fv6yKqF4G7b4%3Fiv_load_policy%3D3%26showinfo%3D0%26widget_referrer%3D0%26disablekb%3D0%26controls%3D0%26modestbranding%3D0%26cc_load_policy%3D0%26enablejsapi%3D1%26version%3D3%26fs%3D0%26playsinline%3D0%26rel%3D0%26autoplay%3D1%26origin%3Dhttps%253A%252F%252Fsecure.getneuropure.com%26widgetid%3D1&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230416.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.269:0.000,0.371:0.000,0.676:0.120&vps=0.269:N,0.371:S,0.676:S,0.676:S&ctmp=dompaused:t.271;r.promise;m.NotAllowedError&user_intent=0.372&vfs=0.676:247:247:244:r&view=0.676:1530:775&bwm=0.676:657358:0.815&bwe=0.676:459823&bat=0.676:1:1&bh=0.676:14.061&df=0.676:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286491&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1530%2C775&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 2 MB
2 MB 16ms
15ms Fetch
video/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=video%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=205075196&dur=4409.738&lmt=1639867984944435&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMMljplxO-1OI7GjTAvuNrERgihBLtt-OwjhxOiRq3_gAiEA2youC6fjMZrRmeiCsiZ2AwfOmKJvzUNU29BA4vMjVSM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=812988-2433047&rn=6&rbuf=14648&pot=MmROuok3iYddRk6CtRZA9ake8TRBwyPGTk4PxJuafk2ugurm1ZZdZAYwEGCGueqxfjlIanDRfnJFrNR-OXEk1CKywQ5LLX2ytc058OGF2TMi7aq9AzcSMwb8IqrTEWwgDSuCcJjz

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ba6209a8b61fc5ce4d605559a2adf6b2dd6d69a4cdad856929628ac0e9419a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 21 Apr 2023 04:28:07 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1620060
last-modified: Sat, 18 Dec 2021 22:53:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 21 Apr 2023 04:28:07 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B802
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qDvw8DEFv0BV27OCI_c5lMVeKmlfhuU8

0
337 B

118ms
30ms

Image
text/plain

52.19.178.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qDvw8DEFv0BV27OCI_c5lMVeKmlfhuU8
Protocol: H2
Server: 52.19.178.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-178-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: beacon-n012-dub-prod.krxd.net
date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1682051287
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=qDvw8DEFv0BV27OCI_c5lMVeKmlfhuU8
date: Fri, 21 Apr 2023 04:28:07 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 631535
content-length: 0

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
303 B 95ms
95ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.getneuropure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.getneuropure.com
Date: Fri, 21 Apr 2023 04:28:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

cs
s.thebrighttag.com/ Frame B802
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2f-2LRh9WpMSNWgaAlKKuiNCfq2tQK5n

35 B
268 B

349ms
113ms

Image
image/gif

3.19.203.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2f-2LRh9WpMSNWgaAlKKuiNCfq2tQK5n
Protocol: H2
Server: 3.19.203.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-203-71.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:07 GMT
x-bt-requestid: ea8f35c0-dffc-11ed-b205-0000ac17034f
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2f-2LRh9WpMSNWgaAlKKuiNCfq2tQK5n
date: Fri, 21 Apr 2023 04:28:06 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 694335
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2466 28 B
55 B 49ms
48ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Goog-Request-Time: 1682051289210
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286370&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1530%2C775&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 21 Apr 2023 04:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 21 Apr 2023 04:28:09 GMT

POST
H3 200 videoplayback Show response
rr1---sn-5hne6nzk.googlevideo.com/ Frame 2466 208 KB
208 KB 14ms
14ms Fetch
audio/webm 2a00:1450:400e:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5hne6nzk.googlevideo.com/videoplayback?expire=1682072886&ei=1hBCZIP1Jcepx_AP7Oe86AI&ip=2a03%3A1b20%3A6%3Af011%3A%3A7e&id=o-AIm3tEagQimmNYWAQoit09sWFFDJ1EWsSASPD0x5J6G2&itag=251&source=youtube&requiressl=yes&mh=5F&mm=31%2C29&mn=sn-5hne6nzk%2Csn-5hneknee&ms=au%2Crdu&mv=m&mvi=1&pl=48&initcwndbps=2937500&spc=99c5Cf0E1IP7J3rhiOW8XEU-6xoSYPNrCte0tRNJdA&vprv=1&mime=audio%2Fwebm&ns=AMgrlf4TGWH5UuJnf-H1eFIM&gir=yes&clen=67808703&dur=4409.761&lmt=1639863260946874&mt=1682051107&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=6F1V0TAJIlnaJg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgEPdT7WJ9a9WnFulHjerYIaivKX1uvxyRuaJXx_GlJlwCIQDrDS6GyTVdh_LmwTaWQjLkygsO6QtPpf_hjyxP-cNFZw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgI0xmI6VFDxSxki7pLiwXtMmABuX4huG5k726LmwCCd4CIDeMwxdJPKL-AsKD0ZQLOEy2eUCg7nKq3VC5Hin3AnGl&alr=yes&cpn=OkOcygqSwtmsvQkj&cver=1.20230416.00.00&range=180767-393411&rn=7&rbuf=12267&pot=MmROuok3iYddRk6CtRZA9ake8TRBwyPGTk4PxJuafk2ugurm1ZZdZAYwEGCGueqxfjlIanDRfnJFrNR-OXEk1CKywQ5LLX2ytc058OGF2TMi7aq9AzcSMwb8IqrTEWwgDSuCcJjz

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:14::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7ff3e8befc01091cd39db4ff679a1f33d4448cd9a334d0087938690e325fd7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 21 Apr 2023 04:28:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212645
last-modified: Sat, 18 Dec 2021 21:34:20 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 21 Apr 2023 04:28:09 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
303 B 95ms
94ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.getneuropure.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.getneuropure.com
Date: Fri, 21 Apr 2023 04:28:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 2466 0
21 B 49ms
48ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=OkOcygqSwtmsvQkj&ver=2&cmt=4.577&fmt=247&fs=0&rt=5.133&euri=https%3A%2F%2Fsecure.getneuropure.com%2F&lact=4308&cl=524526076&mos=1&volume=0&cbr=Chrome&cbrver=112.0.5615.121&c=WEB_EMBEDDED_PLAYER&cver=1.20230416.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=4409.761&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24405913%2C24415864%2C24439361%2C24443595%2C24451437%2C24460285%2C24462372%2C24468617%2C24468691%2C24499116%2C24499792%2C24516157%2C24539776%2C24551145%2C39323074&afmt=251&muted=1&docid=v6yKqF4G7b4&ei=1hBCZIP1Jcepx_AP7Oe86AI&plid=AAX50RVvSMg97nPz&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fv6yKqF4G7b4%3Fiv_load_policy%3D3%26showinfo%3D0%26widget_referrer%3D0%26disablekb%3D0%26controls%3D0%26modestbranding%3D0%26cc_load_policy%3D0%26enablejsapi%3D1%26version%3D3%26fs%3D0%26playsinline%3D0%26rel%3D0%26autoplay%3D1%26origin%3Dhttps%253A%252F%252Fsecure.getneuropure.com%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBTE03ZXZMYzhueDNGdV9PV3J1Q0tqRTF1WTY0THBxaDBPeVd3NkhxOHYxTGJ4dGJkd2JTQVBta0tETFRjc0YzMHlLNlNyMXdWTlNPUnZVZzhCb0Ztc3oydm9ZLTB4N28zcXkxV2RKUHZLb1I1bUFJOTUwUkxkaXM0YWFjVTB0STVSV1dhdjhoAQ

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6f20102c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/v6yKqF4G7b4?iv_load_policy=3&showinfo=0&widget_referrer=0&disablekb=0&controls=0&modestbranding=0&cc_load_policy=0&enablejsapi=1&version=3&fs=0&playsinline=0&rel=0&autoplay=1&origin=https%3A%2F%2Fsecure.getneuropure.com&widgetid=1
X-YouTube-Client-Version: 1.20230416.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgttZjlWcjBvMjdHSSjWoYiiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682051286491&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1530%2C775&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:11 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-551J33Q7R1&gtm=45je34j0&_p=906763810&cid=821354501.1682051286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1682051285&sct=1&seg=0&dl=https%3A%2F%2Fsecure.getneuropure.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D10242dc66e151f9afa8adc9df20940%26aff_sub2%3D%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3DPH42023%26utm_term%3DNeuroPure%2BRevshare_12%26utm_content%3DPaleo%2BHacks_1069&dt=NeuroPure&en=video_start&epn.video_current_time=0&epn.video_duration=4410&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=All%20Natural%20Nerve%20Support%20-%20Desktop&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dv6yKqF4G7b4&ep.visible=true&_et=491
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-551J33Q7R1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.getneuropure.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 04:28:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.getneuropure.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media.go2app.org
URL: http://media.go2app.org/assets/js/dl.js

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
links.paleohacks-mailing.com/	1970-01-20 11:14:54	Name: _session_id Value: 36dcf742e62a25dfe19b490972046180
vitality.go2cloud.org/	1970-01-20 11:57:23	Name: enc_aff_session_12 Value: ENC03cd723c31f78dd1bee686b4d1069c55b79e5c837868cdb14d007042e74abd6e720177b967f695ecdd7bf9ce0fe21c2417a39081a7fca4731e7a8c511ca18a3a8d6300d8d5a300b19e981e72a770f0a183e899687e03038441e167b2430969275d62315d66194458160d403bab0ae8e51c8160e379b927b8573086230d8e19e94d310688ad
vitality.go2cloud.org/	1970-01-20 20:50:11	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTIiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
secure.getneuropure.com/	1970-01-20 20:50:11	Name: user_id Value: 23cafea1161eb9910260da8daf3b7319
secure.getneuropure.com/	1970-01-20 20:50:11	Name: user_id.sig Value: lbgfmou9w01FY3x8GKXJhn4yHyA
secure.getneuropure.com/	1970-01-20 20:01:13	Name: persistedParams Value: utm_campaign=PH42023
secure.getneuropure.com/	1970-01-20 20:01:13	Name: persistedParams.sig Value: guAy7bcBqfsbzQFI6gga_AehHCU
secure.getneuropure.com/	1970-01-20 20:50:11	Name: uid Value: wKhaAmRCENW9EwBEA2eoAg==
secure.getneuropure.com/	1969-12-31 23:59:59	Name: cnid Value: 1
.getneuropure.com/	1970-01-20 11:15:37	Name: _gid Value: GA1.2.395768395.1682051286
.getneuropure.com/	1970-01-20 11:14:11	Name: _gat Value: 1
.getneuropure.com/	1970-01-20 11:15:37	Name: _uetsid Value: e94c2a80dffc11ed8f2a7b51546a256f
.getneuropure.com/	1970-01-20 20:35:47	Name: _uetvid Value: e94c1070dffc11ed9b282ff5e7da7e50
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: SP17VpfY2Vw
.youtube.com/	1970-01-20 15:33:23	Name: VISITOR_INFO1_LIVE Value: mf9Vr0o27GI
.bing.com/	1970-01-20 20:35:47	Name: MUID Value: 3FC3C6612B52620A2434D49B2A396397
.getneuropure.com/	1970-01-20 13:23:47	Name: _gcl_au Value: 1.1.165016421.1682051286
.getneuropure.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .getneuropure.com
.getneuropure.com/	1970-01-20 20:50:11	Name: _lc2_fpi Value: 9cffd4819687--01gyh13gs8zwn9e3h9v383zqp0
www.clarity.ms/	1970-01-20 19:59:47	Name: CLID Value: c8b5f9df22b241ec88e55add3bcfcf6b.20230421.20240420
.getneuropure.com/	1970-01-20 20:50:11	Name: _ga Value: GA1.1.821354501.1682051286
.criteo.com/	1970-01-20 20:35:47	Name: uid Value: 0f4287de-3e37-4797-8f2d-bb2f4d424e5c
.getneuropure.com/	1970-01-20 13:23:47	Name: _fbp Value: fb.1.1682051286111.763744575
.getneuropure.com/	1970-01-20 19:59:47	Name: _clck Value: q90747\|1\|fay\|0
.liadm.com/	1970-01-20 20:50:11	Name: lidid Value: cd5664a6-110d-422b-acfb-c51d5167e39b
secure.getneuropure.com/	1970-01-20 11:14:11	Name: outbrain_cid_fetch Value: true
.getneuropure.com/	1970-01-20 20:43:35	Name: cto_bundle Value: 6CZ8g19uYkNwTDQ3RnBEcFVuaWpxam5RM1pKM2pLSnBqUlBBZlJWV2FwVWFlc1lNVVdOamtJRWZqVSUyRkdac1owTlh4bXpESFZ2eEJDJTJGN3dzUFFBNGM5cVdMbk5pSTU3QjE0MTBBdER0SGJCaWdVaWR3dVdIbURRcTFrSlJFbktsclpKbHFCbm1sWVRhUllxb0E5R1RzRTZLU3F5MTk1aVE3WjJCRVFUYU9KOUVEa3pNJTNE
.getneuropure.com/	1970-01-20 11:15:37	Name: _clsk Value: 1nhvdgs\|1682051286710\|1\|1\|i.clarity.ms/collect
.doubleclick.net/	1970-01-20 20:35:47	Name: IDE Value: AHWqTUmeonVgQM3y_aoO9w923rseccCIC1PFtfQ4L3vgkOc29INx8GaYtbRHbwsa
.getneuropure.com/	1970-01-20 20:50:11	Name: _ga_551J33Q7R1 Value: GS1.1.1682051285.1.0.1682051287.58.0.0
.bidswitch.net/	1970-01-20 19:59:47	Name: tuuid Value: 4234d77a-f549-4dba-98af-5780bfe8d857
.bidswitch.net/	1970-01-20 19:59:47	Name: c Value: 1682051287
.bidswitch.net/	1970-01-20 19:59:47	Name: tuuid_lu Value: 1682051287
match.sharethrough.com/	1970-01-20 11:24:16	Name: AWSALBCORS Value: OunqkqMYuwWe+TV/XVAOv9tj8cTnSt2p8AMdJd7n81sUUvY6eGz0J81QOvf+4gfm6V1SjSKFvsQB+N6DThZ6mReFwlI+YITD9Ct1/rcCr1OFUGxMUv96mcL9bR2w
.adnxs.com/	1970-01-20 13:23:47	Name: uuid2 Value: 3390985317499784633
.adnxs.com/	1970-01-20 13:23:47	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVUs>[$O!]tbPl@/D!9hy6]/CwgdY[lx<bvD**7Rt$(g?H@67_mII7BO+O/Cr+dmUNYom>7[lBnBMvRc`fx%nugO%v4VB%np0C+MIMI
.media.net/	1970-01-20 19:59:47	Name: visitor-id Value: 3250528878400465000V10
.media.net/	1970-01-20 11:57:23	Name: data-c-ts Value: 1682051287
.media.net/	1970-01-20 11:57:23	Name: data-c Value: k-7Y2MBmpqf7V8cJEcmGkkN7Y_RhnSuIFpv7LglQ~~3
.c.bing.com/	1970-01-20 11:24:16	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:35:47	Name: SRM_B Value: 3FC3C6612B52620A2434D49B2A396397
.yahoo.com/	1970-01-20 20:00:08	Name: A3 Value: d=AQABBNcQQmQCENovomsRzaAjeG4e4dLzyN4FEgEBAQFiQ2RLZAAAAAAA_eMAAA&S=AQAAAiLbuSb6oMbo5UXVjpQ0T2Y
.analytics.yahoo.com/	1970-01-20 19:59:47	Name: IDSYNC Value: 18zh~2b7g
.demdex.net/	1970-01-20 15:33:23	Name: demdex Value: 36856970264532914873409463371581507805
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:35:47	Name: MUID Value: 3FC3C6612B52620A2434D49B2A396397
.c.clarity.ms/	1970-01-20 11:24:16	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:14:11	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-20 19:59:47	Name: CMID Value: ZEIQ17EPAADJsQ0qoGl4lgAA
.casalemedia.com/	1970-01-20 13:23:47	Name: CMPS Value: 1193
.casalemedia.com/	1970-01-20 13:23:47	Name: CMPRO Value: 1193
exchange.mediavine.com/	1970-01-20 11:34:20	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ea4a8ba0-dffc-11ed-9bd5-0785a53103d5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:20	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ea4a8ba0-dffc-11ed-9bd5-0785a53103d5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:20	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ea4a8ba0-dffc-11ed-9bd5-0785a53103d5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:20	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ea4a8ba0-dffc-11ed-9bd5-0785a53103d5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:34:20	Name: criteo Value: %7B%22id%22%3A%22k-H1djJ2pqf7V8cJEcmGkkN7Y_RhnPRL2Z9m-bDw%22%2C%22version%22%3A%22criteo%22%7D
.id5-sync.com/	1970-01-20 11:14:11	Name: cf Value:
.id5-sync.com/	1970-01-20 11:14:11	Name: cip Value:
.id5-sync.com/	1970-01-20 11:14:11	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:14:11	Name: car Value:
.id5-sync.com/	1970-01-20 11:14:11	Name: gdpr Value:
.id5-sync.com/	1970-01-20 11:14:11	Name: callback Value:
.dpm.demdex.net/	1970-01-20 15:33:23	Name: dpm Value: 36856970264532914873409463371581507805
.pubmatic.com/	1970-01-20 11:57:23	Name: KRTBCOOKIE_97 Value: 3385-uid:k-M317mmpqf7V8cJEcmGkkN7Y_RhnKVsZJL9aJRw&KRTB&23144-uid:k-M317mmpqf7V8cJEcmGkkN7Y_RhnKVsZJL9aJRw&KRTB&23286-uid:k-M317mmpqf7V8cJEcmGkkN7Y_RhnKVsZJL9aJRw&KRTB&23287-uid:k-M317mmpqf7V8cJEcmGkkN7Y_RhnKVsZJL9aJRw
.pubmatic.com/	1970-01-20 11:57:23	Name: PugT Value: 1682051286
.360yield.com/	1970-01-20 13:23:47	Name: tuuid Value: b633b316-debf-44c9-85d4-04d690c77b7c
.360yield.com/	1970-01-20 13:23:47	Name: tuuid_lu Value: 1682051287
.360yield.com/	1970-01-20 13:23:47	Name: um Value: !38,3QXzBPehl1SLVqOs6WLDb87J3oUqEXh4rjlwEwcm-MFJia4HVEI1LUE8YjnvTsRzGSc7D93R,1689827287
.360yield.com/	1970-01-20 13:23:47	Name: umeh Value: !38,0,1744259287,-1
.krxd.net/	1970-01-20 15:33:23	Name: _kuid_ Value: Pgg-eJpp
.tremorhub.com/	1970-01-20 20:00:08	Name: tvid Value: 626ac1a1669e4b68ac6a82687aa3ef86
.tremorhub.com/	1970-01-20 11:57:23	Name: tv_UICR Value: k-NyEMaWpqf7V8cJEcmGkkN7Y_RhlkKPamnYwkjw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2B6FR5(Line 370) Message: Mixed Content: The page at 'https://secure.getneuropure.com/index-vsl-cf?affiliate_id=1483639&aff_sub=10242dc66e151f9afa8adc9df20940&aff_sub2=&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=PH42023&utm_term=NeuroPure+Revshare_12&utm_content=Paleo+Hacks_1069' was loaded over HTTPS, but requested an insecure script 'http://media.go2app.org/assets/js/dl.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://www.youtube.com/s/player/6f20102c/www-widgetapi.vflset/www-widgetapi.js(Line 1114) Message: Unrecognized feature: 'web-share'.
security	error	URL: https://www.youtube.com/s/player/6f20102c/www-widgetapi.vflset/www-widgetapi.js(Line 1122) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://secure.getneuropure.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' cbsplit.com secure.getneuropure.com secure-getneuropure-com.cbsplit.com ;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
amplify.outbrain.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.bttrack.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
go.maxweb.com
googleads.g.doubleclick.net
gum.criteo.com
i.clarity.ms
i.ytimg.com
ib.adnxs.com
id5-sync.com
jnn-pa.googleapis.com
links.paleohacks-mailing.com
match.sharethrough.com
matching.ivitrack.com
media.go2app.org
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rr1---sn-5hne6nzk.googlevideo.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
secure.getneuropure.com
simage2.pubmatic.com
sslwidget.criteo.com
static.doubleclick.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
vitality.go2cloud.org
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
media.go2app.org
104.109.73.198
104.111.217.42
141.226.228.48
141.95.98.64
142.250.185.130
178.250.7.11
178.250.7.13
18.159.43.130
18.194.221.34
18.197.201.17
185.255.84.153
185.64.190.80
185.80.39.216
185.86.139.101
185.89.210.212
185.89.211.12
2.18.235.93
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1a
23.35.237.86
2600:1f18:612b:4264:2609:a049:6938:c784
2600:1f18:730:b150:c922:c4f2:8c5e:8b2
2600:9000:223c:5400:8:8845:1500:93a1
2606:4700:3035::ac43:a3ae
2606:4700:3108::ac42:2b71
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9b
2a00:1450:400e:14::6
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.19.203.71
3.216.127.149
3.75.62.37
34.117.157.22
34.251.27.114
35.238.129.105
37.157.4.28
52.167.85.21
52.19.178.150
52.210.2.133
52.212.150.11
54.228.21.106
64.202.112.127
68.219.88.97
69.16.175.42
69.173.144.165
74.119.119.150
76.223.111.18
85.215.5.31
0739e35a97f0cc15ec554ba0a717981e979d4b4034692ae10efe1d9c4af4b740
074cb8fe4c110377a05635d888ae1481b4f448e685b15dfcf56c5c816cd091c5
07e340156e5e8ba42fce81869401b39ba24ae093df06036ab97694ee9d056a3e
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0d2eea56a8ab02bc9aceb4ce55d14da594b3cc5ab9c04900b909d8e1e6dd4a8b
0fdb2d9d92420d1c6d74863decf7d9912d177bbc66da8e0171d21a7db2afe012
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16882dee478ff69b7a88b892bb436243b28efa8dff0069c0a6ef759082860d06
1c692adee7a59ef1e8daf72557ecf2123c30c45a0512c98b64c389ad12586617
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ec20e65cd7bc12af02945d23ad16a6c1dffd775b2c9ea9cdb007d9c2809d7ee
20862e9e9f70e55cde5f2f2b2763200ba9af3e2133762a18cd3ff8c17384175b
20a84339c7570d519268303bd1494653f3e9a0f3b93819a1d00a0e5a26a25ae8
211ef84cff67192e21765601cd29d1b5e210d331ff785ca89b025437c6b9d23e
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30f5e928e1c8f2ed3f3b54e6742c8fe393b0bc4c63634cc558e138cb5a945e15
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c841987ce886438e29c3a2581cc0404b4b350dd354807159f714385e7f12077
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
48a6621f52f54b3bb4833067d78aeb3d365bcc129ab63360c798ebe611bb1016
49120c0354de24e079ff8c8a057f6c0612fbfe8fba47e4323a1bf5e6e16a2aab
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b994dc2f69a59abbdd966414e766753f534a6eec9699cbe3ebf29d97a13d3bd
4c671e65bcee653e77ab99316da0bfe3a55755471ab333df4e54dba4bac35817
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511a7505781bb197ee36fbafdfbbcf37a9481854faa818449096d3ab2b109dd4
51bbae96fab17cc2df00e566077713f0c1ce0b5661d23df46f55c7e66efb2fe8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57753f9fe12cdafcc264617bcb28525971070916e88408ae2964238cd7035bde
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e2517ad313de064b3b1ee58a0cb6a8fce751da1ccdc25e8add0c862acca508f
60a199860784d21f7f7a21d0ccbd343545308ac60a6dd8f3dc53d886e7170e6e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6950a660890de2eac6f7292de201567d17d8914d66fb2633f2822782f918bdd1
6be17d65576e37de47787cf6bfdce763c02633eb548d342fa6c20c6179d9c0ee
75110fbb0b8ea4a5b17fb9e109b6ca4426a6cbf93ecd25296d5de851be1e36cf
7d6609ab1c7a85193fafbada760076c2af24f05d1624df08e9b0b2d134c1f12e
7ff3e8befc01091cd39db4ff679a1f33d4448cd9a334d0087938690e325fd7a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d3d0a43f151dd923452507fb5d09c9b5b9046e56ef7be911f598eef3e1e5eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0e07c34edf78fbdda6eb9153eb257516bf694a30723fd6a27a81c8463c39bc
8cd97dd33390bc5e9f3c79f3ffa5f78671ac8d833c1b5cd311c456bb7b2c993d
93de633bb6826bb68897441e2bdcfeee5a12d029e06d41fb0c6aa00167e28ffc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a7994d8ea1da7849ee6d49adf81e3ee255d862d8e397e7297f09c40407a4c13c
ac6ad777c2135167908c363464b592bee378cf9742104e5b95bc107986131ffd
ae7e2667e8ae0943c7bbdeca041071a71a38907d5e9d98741de2235f2d3632c3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b90dc102393e8103382517ce1b5eb5c3517634f8da06bf3c375a90e3ef86de42
ba6209a8b61fc5ce4d605559a2adf6b2dd6d69a4cdad856929628ac0e9419a40
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c7ecca4571bf06437d65302d19400da6eb8f0da74f8ae72d719c89e6ef9be3cd
c9b8c892c11f684f41c32313f6d3525c398bca84763c9a3e0edc3a453ce9c38f
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d13617f9abd1dce996b16c3d63b07d22203f7e46916d3d3e2abce13f1df22f8d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d38609092b772a10fde841c0c538fdc49ba2492b93f813c964977fe27c438a4d
d7ca352d604c078984cc88c0803ac5e68310e0a698655efe4d2eac5f0f33e773
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de31b9785e093e411dd521fbf3a6ac71bb2f91c83dcce3d9d79c8173208d2596
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f0c91867c407d56bb00bb8106835128b939a70dbd0cc1b968964c2a6e5e5b9
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e7f36e9ee3e5dd02a2c0f81364c7d706d5ac54d5c6d382cbc4c53a5ffae34cca
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f141356a5411df9500bf0b89b6dfb8e0b7e94a9101ae5ec20e8d47937b975b26

secure.getneuropure.com Open in urlscan Pro 2606:4700:3035::ac43:a3ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

86 %HTTPS

42 %IPv6

50 Domains

68 Subdomains

60 IPs

9 Countries

4142 kBTransfer

8189 kBSize

72 Cookies

7 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.getneuropure.com Open in urlscan Pro
2606:4700:3035::ac43:a3ae Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

86 %
HTTPS

42 %
IPv6

50
Domains

68
Subdomains

60
IPs

9
Countries

4142 kB
Transfer

8189 kB
Size

72
Cookies

118 HTTP transactions
1 data transactions