flatbellytonic.com Open in urlscan Pro
2606:4700:20::ac43:4470 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/30aMjDT
Effective URL:
https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Submission: On March 04 via manual (March 4th 2021, 3:21:36 pm UTC) from US

Summary HTTP 191 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 29 domains to perform 191 HTTP transactions. The main IP is 2606:4700:20::ac43:4470, located in United States and belongs to CLOUDFLARENET, US. The main domain is flatbellytonic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 28th 2020. Valid for: a year.

This is the only time flatbellytonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
2 3	54.203.38.120 54.203.38.120	16509 (AMAZON-02) (AMAZON-02)
30	2606:4700:20:... 2606:4700:20::ac43:4470	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	169.61.196.20 169.61.196.20	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
21	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	143.204.90.126 143.204.90.126	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:c::a	15169 (GOOGLE) (GOOGLE)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
3	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.21.80 184.30.21.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	184.30.20.121 184.30.20.121	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.126.36.56 104.126.36.56	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	18.203.10.130 18.203.10.130	16509 (AMAZON-02) (AMAZON-02)
3	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 50	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f00... 2a03:2880:f006:2:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
191	34

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.203.38.120 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-38-120.us-west-2.compute.amazonaws.com

hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cbtb.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::ac43:4470 (United States)

ASN13335 (CLOUDFLARENET, US)

flatbellytonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.61.196.20 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 14.c4.3da9.ip4.static.sl-reverse.com

go.maxweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.90.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-126.fra50.r.cloudfront.net

prod.cbstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:c::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r10---sn-4g5e6nzy.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-80.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.121 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-121.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.36.56 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-36-56.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.10.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-10-130.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-boise.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a03:2880:f106:83:face:b00c:0:25de (United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f006:2:face:b00c:0:8c (United States)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	facebook.com 1 redirects www.facebook.com	6 KB
30	flatbellytonic.com flatbellytonic.com	1 MB
21	youtube.com www.youtube.com	731 KB
21	facebook.net connect.facebook.net	1 MB
10	googlevideo.com r10---sn-4g5e6nzy.googlevideo.com	5 MB
8	googleapis.com fonts.googleapis.com ajax.googleapis.com	38 KB
6	tiktok.com analytics.tiktok.com	88 KB
6	google-analytics.com www.google-analytics.com	52 KB
5	adroll.com 1 redirects s.adroll.com d.adroll.com	15 KB
4	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
4	cbstatic.net prod.cbstatic.net	65 KB
3	pinterest.com ct.pinterest.com	1 KB
3	mgid.com a.mgid.com	4 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	googletagmanager.com www.googletagmanager.com	149 KB
3	clickbank.net 2 redirects hop.clickbank.net cbtb.clickbank.net	3 KB
2	pinimg.com s.pinimg.com	18 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com	85 KB
1	atdmt.com cx.atdmt.com	638 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	bbb.org seal-boise.bbb.org	4 KB
1	taboola.com cdn.taboola.com	22 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	14 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
1	maxweb.com go.maxweb.com	2 KB
1	bit.ly 1 redirects bit.ly	382 B
191	29

	Domain	Requested by
50	www.facebook.com	1 redirects flatbellytonic.com go.maxweb.com
30	flatbellytonic.com	flatbellytonic.com
21	www.youtube.com	flatbellytonic.com www.youtube.com
21	connect.facebook.net	flatbellytonic.com connect.facebook.net go.maxweb.com
10	r10---sn-4g5e6nzy.googlevideo.com	www.youtube.com
7	fonts.googleapis.com	flatbellytonic.com
6	analytics.tiktok.com	flatbellytonic.com analytics.tiktok.com
6	www.google-analytics.com	flatbellytonic.com www.google-analytics.com www.googletagmanager.com
4	prod.cbstatic.net	cbtb.clickbank.net prod.cbstatic.net flatbellytonic.com
3	tr.outbrain.com	amplify.outbrain.com go.maxweb.com
3	ct.pinterest.com	s.pinimg.com go.maxweb.com
3	s.adroll.com	1 redirects flatbellytonic.com go.maxweb.com
3	a.mgid.com	www.googletagmanager.com go.maxweb.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	www.googletagmanager.com	flatbellytonic.com go.maxweb.com www.googletagmanager.com
2	d.adroll.com	go.maxweb.com
2	s.pinimg.com	go.maxweb.com s.pinimg.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	dev.visualwebsiteoptimizer.com	flatbellytonic.com
2	cdnjs.cloudflare.com	flatbellytonic.com cdnjs.cloudflare.com
2	hop.clickbank.net	2 redirects
1	cx.atdmt.com	flatbellytonic.com
1	d.adroll.mgr.consensu.org	1 redirects
1	seal-boise.bbb.org	flatbellytonic.com
1	amplify.outbrain.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cbtb.clickbank.net	flatbellytonic.com
1	maxcdn.bootstrapcdn.com	flatbellytonic.com
1	ajax.googleapis.com	flatbellytonic.com
1	go.maxweb.com	flatbellytonic.com
1	bit.ly	1 redirects
191	34

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
fbtonic.pay.clickbank.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-28` - `2021-11-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
maxweb.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-25` - `2022-03-01`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.clickbank.net Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cbstatic.net Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-02-23` - `2021-05-04`	2 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.bbb.org GeoTrust RSA CA 2018	`2020-05-15` - `2022-07-03`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-01-29` - `2021-04-28`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Frame ID: 326E98AA2C4FA752EB60D43305F7754C
Requests: 91 HTTP requests in this frame

Frame: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Frame ID: 4EE635BC52CE88B9718BF81382C64245
Requests: 66 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
Frame ID: 96D6370BD572B450D93626053F0E829E
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/30aMjDT HTTP 301
http://hop.clickbank.net/?affiliate=ngoc584&vendor=fbtonic&tid=track HTTP 301
http://hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc58... HTTP 301
https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

191
Requests

100 %
HTTPS

63 %
IPv6

29
Domains

34
Subdomains

34
IPs

5
Countries

8739 kB
Transfer

15012 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bbb.org/snakeriver/business-reviews/internet-shopping/clickbank-in-boise-id-5004291/#bbbonlineclick

Search URL Search Domain Scan URL

URL: https://fbtonic.pay.clickbank.net/?cbitems=FBTONIC-001&cbfid=47046&cbskin=30936&vtid=vslc&cbexit=1925

Search URL Search Domain Scan URL

URL: https://fbtonic.pay.clickbank.net/?cbitems=FBTONIC-003&cbfid=47046&cbskin=30937&vtid=vslc&cbexit=1925

Search URL Search Domain Scan URL

URL: https://fbtonic.pay.clickbank.net/?cbitems=FBTONIC-006&cbfid=47046&cbskin=30938&vtid=vslc&cbexit=1925

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/30aMjDT HTTP 301
http://hop.clickbank.net/?affiliate=ngoc584&vendor=fbtonic&tid=track HTTP 301
http://hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584&hstr=1614871268011%7Cngoc584.track%7C%7Cd869ce2f-4e33-42cf-9a30-12cfcef45102%7C%7Cfbtonic&code=%7B%7D&key=FD01858A&parms=vendor%3Dfbtonic&s=default&ds=2&ts=01.1E8551510004F4AD59D036414976423774E3421E HTTP 301
https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 113

https://s.adroll.com/j/exp/PLBG62QPLZBFDGTJVENBJT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 114

https://d.adroll.mgr.consensu.org/consent/iabcheck/PLBG62QPLZBFDGTJVENBJT?_s=a134f9ed1449595ddefdde853d09cb70&_b=2 HTTP 302
https://d.adroll.com/consent/check/PLBG62QPLZBFDGTJVENBJT/?_s=a134f9ed1449595ddefdde853d09cb70&_b=2

Request Chain 127

https://www.facebook.com/tr/?id=836605117092232&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270665&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET HTTP 302
https://cx.atdmt.com/?c=8288144878306928600&f=AYzXFnI7r_dCApBw6HZRjcKsLj9kGN9Wb6J3Hy1BjgdjLjJzYPggH3lkjFyZG6NaZKjPvupRilmv3_3AujrDbAmv&id=836605117092232&l=3&v=0

191 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request vsl-1 Show response
flatbellytonic.com/sp/
Redirect Chain

http://bit.ly/30aMjDT
http://hop.clickbank.net/?affiliate=ngoc584&vendor=fbtonic&tid=track
http://hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584&hstr=1614871268011%7Cngoc584.track%7C%7Cd869ce2f-4e33-42cf-9a30-12cfcef45102%7C%7Cfbtonic&code...
https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

47 KB
12 KB

501ms
474ms

Document
text/html

2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5d3834e54daf4eefa37a9d5b966909dfa4985b676e3d130822965e93e8288f

Request headers

:method: GET
:authority: flatbellytonic.com
:scheme: https
:path: /sp/vsl-1?hop=ngoc584&vendor=fbtonic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d83b241ba56114983ce24e3d91ef9a2e21614871268; expires=Sat, 03-Apr-21 15:21:08 GMT; path=/; domain=.flatbellytonic.com; HttpOnly; SameSite=Lax cbst-142-pv=a|2021-03-02T11:50:53.559Z; path=/; expires=Fri, 04 Mar 2022 15:21:08 GMT; secure; httponly persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly user_id=wKhQAWBA+uQ2IwA3Ct5SAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/ flatbellytonic.com-cnid=0; path=/
vary: Accept-Encoding Accept-Encoding
cache-control: public private
pragma: public
cf-cache-status: DYNAMIC
cf-request-id: 089f6d240c0000bece8917c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e0x3MQ5bFU%2FzE38%2BXpj%2BimOMn1cNxFkTz7%2FTya1yThcLGYQqsC6CaOjMXiqZNN1z1tB%2BwJJBWQWlhEbHcvtHKUiJKUswd%2FjThuYcylNoITDGL1m0%2F5VOqmaa3YY3VBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62ac17b34cc5bece-FRA
content-encoding: br

Redirect headers

Date: Thu, 04 Mar 2021 15:21:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=JhFxmbJd0b2kod4m9szBp2VXe3Y6MWSS60gnMrN3SJInjNdOGDSf6FWYD4sxyo8LwjdBJoguW4HihI6z+SgnNwY3o592U+DHF2r38va/rfjI8k8qWy8RYhuagj/D; Expires=Thu, 11 Mar 2021 15:21:08 GMT; Path=/ AWSALBCORS=JhFxmbJd0b2kod4m9szBp2VXe3Y6MWSS60gnMrN3SJInjNdOGDSf6FWYD4sxyo8LwjdBJoguW4HihI6z+SgnNwY3o592U+DHF2r38va/rfjI8k8qWy8RYhuagj/D; Expires=Thu, 11 Mar 2021 15:21:08 GMT; Path=/; SameSite=None
Server: Apache
Cache-Control: no-store
Pragma: no-cache
Expires: 0
P3P: CP="ADM OUR IND COM"
Location: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
53 KB 43ms
37ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RVMCJD3EXZ

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcb4d4016032e87427fb77f5fb9907ea8ea6b997eb65567f3c8076597494b03f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54642
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:21:08 GMT

GET
H2 200 api.js Show response
flatbellytonic.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 17ms
11ms Script
text/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://flatbellytonic.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U0rMDXejlFYAcQeKwOEu5IdIGR1NVKOoIzx2oy7U2tSOXkKGCC%2BCUdfOyr8GXmGq40tjDsnabn29%2FlcY9Y6H8wscF3KXGpyHQ%2FhmAP0a6wVN6BL0WSqtNDsLY99s2W8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 62ac17b65d95bece-FRA
cf-request-id: 089f6d25fa0000bece8bbbc000000001

GET
H2 200 css
fonts.googleapis.com/ 9 KB
796 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800&display=swap

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b84a5073d8659bcb0e99cd7426118c192427a9aa7c06b3189525bc52349d0c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:21:08 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:08 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ 56 KB
10 KB 18ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1275136
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10134
cf-request-id: 089f6d25f800004dbec836e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-dff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R%2F1p%2FEzcyODCDM4rPYCSjTIUOAAbLElXn8%2Buw4ocF4uCixiVtW0fTzLm2En3hMsCEMQFwxOtqaKbkoo0dOAil4y7Xr97pMPRjnx9mzfkqbLA2aAxOydRmgaqT5OBF6wgWg%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62ac17b65d894dbe-FRA
expires: Tue, 22 Feb 2022 15:21:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
589 B 29ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5b76150be881f5d445c96cce509ab47c8401f35081349917f946ab2cf4899aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:21:08 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 30ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 13:23:59 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
936 B 30ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38914cb03c8a45e9d2702e44b49090bb3c456ee689423adf61ce84bd5533cec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:07:27 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 30ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i|Fira+Sans+Extra+Condensed:700,800

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ff287ab525a499583a7ce810d525ea53ba536e8e2809d9730746e7022249b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:21:08 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:08 GMT

GET
H2 200 bootstrap.css
flatbellytonic.com/sp-vsl-1/css/ 149 KB
20 KB 25ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/css/bootstrap.css
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973389
cf-request-id: 089f6d25f80000bece89187000000001
pragma: public
last-modified: Fri, 07 Aug 2020 10:20:04 GMT
server: cloudflare
etag: W/"5f2d2ad4-254bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BYO8tyGae2Dxt0ppwdx1Cj5Hh7kXnJwqdObIYSbXZA%2FbRcPAP3e28EvdWIY4H1STTDPefRsfhU04I1ywCRnukPfv4iJBDajunFZtYHNdfcnt4i3ZjnBAblpvWkXAjL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 62ac17b65d8ebece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
flatbellytonic.com/sp-vsl-1/css/ 30 KB
7 KB 23ms
19ms Stylesheet
text/css 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/css/font-awesome.min.css
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5de574f13eacdb548cf2f62fd3ebabc3153f1b1ca15adcbcee53c1a6360f30e

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973389
cf-request-id: 089f6d25f80000bece82ad3000000001
pragma: public
last-modified: Fri, 07 Aug 2020 10:20:03 GMT
server: cloudflare
etag: W/"5f2d2ad3-7945"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ewjpdua6oY9dBIIhsFc1CEfn8vUwU4j5QA3YYSDENLCxWdEZhr6ULxo%2BK4BWK6%2BD8VYpfGe1Lf5XJWSfyxoBNwoSFvLe2Zs%2F0o1Mxf1gZ0WpvkTDVtzk6cu%2F0qATfw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 62ac17b65d8fbece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
flatbellytonic.com/sp-vsl-1/css/ 7 KB
2 KB 16ms
12ms Stylesheet
text/css 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/css/magnific-popup.css
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe804fb1bc366dc3a7d96874b1bbed5b0bd26873e811a8b4c241df8fefdbefd

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973389
cf-request-id: 089f6d25f80000becea5367000000001
pragma: public
last-modified: Fri, 07 Aug 2020 10:23:12 GMT
server: cloudflare
etag: W/"5f2d2b90-1caf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FnegiJLZccrKOWe1u5BIjrSC4fe0Dfj9hrkiw8aLdHJt2w482nVZpNU8CcraNj%2BOUQNDLrYIM6BTfGghir03GP%2FaTn9uNdtCnzTpet8%2B%2FMZOwmygmHraiyXGBW%2BdgrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 62ac17b65d90bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 creative.min.css
flatbellytonic.com/sp-vsl-1/css/ 32 KB
7 KB 23ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/css/creative.min.css?v=1.55
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd0e3f85394a8441b8e9c807a4180032f39fd18f998b88b4d41f8b9aa91938f

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6695182
cf-request-id: 089f6d25f90000becebfa84000000001
pragma: public
last-modified: Fri, 07 Aug 2020 10:20:02 GMT
server: cloudflare
etag: W/"5f2d2ad2-7ea4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J%2Bie3Njo7vQxiIVRau%2F%2BVBstrstf%2FottOsbtyQEjF%2Bo4to2ojwdwzzoSigkzlTCgEZ9Y1bnwqlITOuM%2B5tBmheI73e5nBCvTGS%2FOcJEjBxgMMmX8aKgXC29jOF0A%2FdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 62ac17b65d91bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vsl-home.css
flatbellytonic.com/sp-vsl-1/css/ 8 KB
2 KB 24ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/css/vsl-home.css?v10
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373d5fa259befbeb0ef4f0c30af3155cd581cd3ff851eab3f80ad043d7dc00dd

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973157
cf-request-id: 089f6d25fc0000becebfa85000000001
pragma: public
last-modified: Wed, 16 Sep 2020 15:26:56 GMT
server: cloudflare
etag: W/"5f622ec0-1eb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IxjGUjZfHckkz5al9TmdQ5MtXEdjIqxeGi4aMWhKic9IlNgbLXEtdUdUgdU8zTYsZQgpzHuRTRRmMlbRjeWM1%2BbI9FT5lygEJfxRoZ4COSnIXH%2BTV2GS9p6JCirpHqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 62ac17b65d92bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 extra.css
flatbellytonic.com/sp-vsl-1/css/ 1 KB
739 B 22ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/css/extra.css?v3
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67613184a21e15263d938ee503280890e41938bccae075dd38d7a6ca60342e14

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973157
cf-request-id: 089f6d25f90000becebc09f000000001
pragma: public
last-modified: Fri, 07 Aug 2020 12:03:12 GMT
server: cloudflare
etag: W/"5f2d4300-4fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N9P4cY6JzjgMXBUiHjFuRkZWUcarNuL9reIyqqpkEQKa8QFuvWrQMDuMOHZhHJ%2FEzj2DQrFnGW2gi8unUwRqAR6eQBCuWewxjiI5lZiUVKjuYE2lsT%2Feif4eiKlGGQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 62ac17b65d93bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 product-bottles-1.png
flatbellytonic.com/sp-vsl-1/images/ 102 KB
102 KB 19ms
15ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/product-bottles-1.png?v2
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498f34916f810adda1bd5086698b3fe39de04a03ca7daa9c44c19fe48f8c0244

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973154
content-length: 104160
cf-request-id: 089f6d26000000beceac8cb000000001
pragma: public
last-modified: Wed, 18 Nov 2020 11:21:18 GMT
server: cloudflare
etag: "5fb503ae-196e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O9eoPLIVyuFTpXrD0%2B8Ct8v59jNcKK%2BAfz8s2sz5UOHytNn0VmxsxopKaNstFHpXwcE%2FStZbNuZidLHC2uscC5wkefdB4Hq%2B7zUct6t5wiNQbP1pmDHMUyZdG0%2F0pQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66d99bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 add-cart.png
flatbellytonic.com/sp-vsl-1/images/ 10 KB
11 KB 33ms
28ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/add-cart.png
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fd068cac2e898f8f171810fc3017571ec5968fdcdf2991f9b286c648c5ef65

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973388
content-length: 10725
cf-request-id: 089f6d26000000bece86010000000001
pragma: public
last-modified: Tue, 24 Nov 2020 14:36:04 GMT
server: cloudflare
etag: "5fbd1a54-29e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FlYxnamr5sM%2FqNqvDxmVNQkHRZTGZFut8XgRxoGpGFiAi44Sn5X685fuYuOXH0WYOn%2BhCnw382FkJMGUHVgAq3LY5FdkZVW0YSMDFNiP4nYve5oVXUanwqSiZxx%2BCgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66d9abece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 free-shipping.png
flatbellytonic.com/sp-vsl-1/images/ 1 KB
2 KB 18ms
14ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/free-shipping.png?v1
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf6c81e772d99c7f6c5714d313e9080f8aba5f0632bcd2ffea02070275a71a1

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1236035
content-length: 1177
cf-request-id: 089f6d26010000becea6297000000001
pragma: public
last-modified: Wed, 18 Nov 2020 11:21:17 GMT
server: cloudflare
etag: "5fb503ad-499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HaSqtfkQKgmg0rHsdDqwoF2vz8apGcul0f23HlfyXdjgFiiutpfyNQgWu9CqmrQi%2FyNgMXguMQnsRB03zmQxowRmQK0aKa9KlurAfEw5nx1Ie4okXwzeEK22RVMdHUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66d9cbece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 credit-card.jpg
flatbellytonic.com/sp-vsl-1/images/ 21 KB
21 KB 37ms
33ms Image
image/jpeg 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/credit-card.jpg
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a334d56ab5c9cf9ff3eb8d8cb08a4d5a83decc31c8f591fe79d688a11673a20c

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1381125
cf-bgj: h2pri
content-length: 20998
cf-request-id: 089f6d26010000bece85000000000001
pragma: public
last-modified: Wed, 18 Nov 2020 11:21:17 GMT
server: cloudflare
etag: "5fb503ad-5206"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FpkWZrBxkZE1nttkp6iQTMmt4ww%2BjB93Gh5tb3YfYUJd%2BBjhceNFtk7Am%2Fg1p163YEak%2B3zqmNuB0AqZ9vm7tvRy7S9WFF%2FrEtYyjp3j8Opg8waqg6%2Bl6yztl8Ut2n0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66d9dbece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 product-bottles-most-popular.png
flatbellytonic.com/sp-vsl-1/images/ 149 KB
149 KB 31ms
27ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/product-bottles-most-popular.png?v3
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f777b2cb8ef7e5beb4980452dca1a9f9850cdb561349e7e666a06ec449aa63

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973151
content-length: 152068
cf-request-id: 089f6d26010000beceb8399000000001
pragma: public
last-modified: Tue, 24 Nov 2020 14:36:05 GMT
server: cloudflare
etag: "5fbd1a55-25204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S9y%2FzyBEbMKD%2BEFhNPoI1P9QhKcpMH37Ca6BmqtIp%2FSAU4BiXPJbeW2MCe0foX3E%2BImeRIOMsa%2FaRREbc1w85KhLLmbNFNrG%2FDWVx5tDLg4c6wxnteyYeEs26y5KJCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66d9ebece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 product-best-value-bottles.png
flatbellytonic.com/sp-vsl-1/images/ 172 KB
173 KB 32ms
28ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/product-best-value-bottles.png?v4
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c6dcee2becf5cafba6983d1c490f621e5bc36cc1e3f222b0b6c3c478ca5a19

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1236035
content-length: 176626
cf-request-id: 089f6d26020000bece8218b000000001
pragma: public
last-modified: Tue, 24 Nov 2020 14:36:05 GMT
server: cloudflare
etag: "5fbd1a55-2b1f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AIHjro3ey3x%2Fg%2BOEmg00R%2F9dt6WRXilBKU%2FgF67iHnzMC81gBP7ethXTXszC3iW2wQBZnsIzIgTB88qPoUu0E6WZhsxTeZWP4op%2FZfdU2XojOTrOWyOfzvJ0Tq0G0qg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66d9fbece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 grt.png
flatbellytonic.com/sp-vsl-1/images/ 22 KB
23 KB 30ms
26ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/grt.png
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34df2b334a5dba47a85eabeb720687075a6193052ad91362bff0c1ff254f4d5f

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973386
content-length: 23000
cf-request-id: 089f6d26020000bece962ae000000001
pragma: public
last-modified: Wed, 18 Nov 2020 11:21:17 GMT
server: cloudflare
etag: "5fb503ad-59d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=owKiZNzg6J5%2FdD8t0sbx7RQm1LB7%2FBXi2u3PeSSXlg9cTYXeFU%2FqN8Jc575mZmQG9cqnUVzGlCDPKPBlWGTkqb5oVEXVi9SGLrlNsY%2B84fKCEJYA8GoNmQrKj8CWS8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66da0bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 courtney.jpg
flatbellytonic.com/sp-vsl-1/images/ 26 KB
27 KB 31ms
28ms Image
image/jpeg 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/courtney.jpg
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ecd3827268a45b53e458db928957d5fe6c7b525ab77e4cad411ba48709c2b93

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1236189
cf-bgj: h2pri
content-length: 27019
cf-request-id: 089f6d26020000bece93296000000001
pragma: public
last-modified: Thu, 11 Feb 2021 13:17:36 GMT
server: cloudflare
etag: "60252e70-698b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CHQq3UxGdhLZMyi1OrLHO87oW7msyD6qIIjvU%2Bj3rVIgXe5L8Qo90AWTLgV%2FU0S%2ByVe7XC1OBx83PCTbR%2Fb5SLZT4E4519yKCO%2FlqymbW4%2BzRrfCTwEsTHAF75A0ABk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66da1bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 john.jpg
flatbellytonic.com/sp-vsl-1/images/ 19 KB
20 KB 30ms
27ms Image
image/jpeg 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/john.jpg
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6871718641228f4339facb0d008c75e71ad5a826d07be502236532a6aede5e5

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1817408
cf-bgj: h2pri
content-length: 19916
cf-request-id: 089f6d26020000bece8e3fa000000001
pragma: public
last-modified: Thu, 11 Feb 2021 13:17:36 GMT
server: cloudflare
etag: "60252e70-4dcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WRV3q%2FgBfFtOfTnebwOJWARqs%2FKlGAk4HXJKz6zCHO5jqSaNjuX6Bzqma2l%2FrqvE9wpGT4aIcgD3FOy82rEh0enCBBq4vDSaV%2Fig7MwxWPO9EzMrkv3Yk3fZMz%2BWtLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b66da2bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 148ms
50ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=54472&u=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&r=0.6995653005931302
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 299c3c47bf78de077b41203100ab686efcd01cd47e76370c2532913384b93668

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 15:21:08 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5631
date: Thu, 04 Mar 2021 13:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 04 Mar 2021 15:47:17 GMT

GET
H2 200 visits Show response
flatbellytonic.com/api/ 509 B
595 B 471ms
469ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/api/visits?page_id=71&page_version=a&request_id=A29E583B%3A5F00_A2DB8C0E%3A01BB_6040FAE4_1CA92%3A180B01&querystring=hop%3Dngoc584%26vendor%3Dfbtonic&fbclid=&fbp=&fbc=&referrer=
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9e03ae382c2fe83636d02f6053f55f317f13df33e9d1d22efc910fe468582f

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Fyhp4DDO7Fxyy0QW02TxUM3xIBrIgDos7JH2Du3KQiSvAKZ%2B6CIDpds%2Fgfi6DRIRnYs21xqUxSpJDDBBLDfQ0bFy%2Bdd2sWf0X0sp2avnZVFYc7oO5dXEkz6T08mFt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public
cf-ray: 62ac17b66da4bece-FRA
cf-request-id: 089f6d26030000bece903bd000000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 17ms
14ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: eRd0Hvt/OXFBb6NNTXbXw/rgLrKKUKL4SP/pGt91o/OOnG38bB2Whx1JTv65JPhfdmhIylUdA5z8tWBOOfot2g==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 04 Mar 2021 15:21:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
go.maxweb.com/conversion/iframe/ Frame 4EE6 4 KB
2 KB 929ms
317ms Document
text/html 169.61.196.20
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.61.196.20 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 14.c4.3da9.ip4.static.sl-reverse.com
Software: nginx / PHP/7.3.11
Resource Hash: a1b41cf20ac90b4f07e88b3330785fedd4335060f125a0eca2fd02f7ec079a4f

Request headers

Host: go.maxweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://flatbellytonic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://flatbellytonic.com/

Response headers

server: nginx
date: Thu, 04 Mar 2021 15:21:09 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
keep-alive: timeout=2
vary: Accept-Encoding
x-powered-by: PHP/7.3.11
expires: Thu, 04 Mar 2021 16:21:09 GMT
cache-control: max-age=3600 private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip

GET
H2 200 443330690030382 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/443330690030382?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

741ed7ba0278dce75bc18dd192f961682c54ac552da800928ce4328475bc5f1f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70512
x-fb-rlafr: 0
pragma: public
x-fb-debug: LKETjTFXsGKkGrLSZhng2VzUIU/T9hLo3srLzGo54PZywW4Ya+dddoyYjeDZ1IHtebh5q/XuXUWNgmB802FwdQ==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 04 Mar 2021 15:21:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 light-background-home-bkp.jpg
flatbellytonic.com/images/ 401 KB
402 KB 17ms
16ms Image
image/jpeg 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/images/light-background-home-bkp.jpg?v=1.28
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bada1f53ca8d4b6553ab2e07f8bc28a6f74e92dbc7730da30d8eda36fedd8502

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973153
cf-bgj: h2pri
content-length: 411031
cf-request-id: 089f6d266a0000beceac8cd000000001
pragma: public
last-modified: Thu, 19 Nov 2020 06:01:20 GMT
server: cloudflare
etag: "5fb60a30-64597"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vpkzruqloeJ2%2FZy70xOy%2Fmj8NYb46DNBntqDfTrMNMGtbrd3rsj5kObCOVlkSpHYcFEX8ATraeH6gcQnvIM83Kss6lgmT%2BC574MdAKJ2YC25FtGKSkVkAtLa7xhunXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b70dc7bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tap-sound.png
flatbellytonic.com/sp-vsl-1/images/ 30 KB
31 KB 20ms
20ms Image
image/png 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flatbellytonic.com/sp-vsl-1/images/tap-sound.png?v2
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp-vsl-1/css/extra.css?v3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e2059459635f843fb2e3d663b6633b6be3fdb643955bbb0d595d94ac96467c4

Request headers

Referer: https://flatbellytonic.com/sp-vsl-1/css/extra.css?v3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1376437
content-length: 30737
cf-request-id: 089f6d266d0000beceac8ce000000001
pragma: public
last-modified: Fri, 07 Aug 2020 12:01:47 GMT
server: cloudflare
etag: "5f2d42ab-7811"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bi3pDKBkQe9sOs7dH6Zj2qhgfdMoFJJDMIu4C8XVwiqgEdKgMO9PXEdOuk%2FbDhmWPq%2F7Cag8fnTW%2B2X4eUKTkKT%2F%2FAxjM%2FjJqHd%2FjbL%2BWRZMBeqEO%2BuGUvdDY4uxOSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 62ac17b71dc8bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 74 KB
75 KB 19ms
18ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d01bef7d50d0f0d9430748fae0c7a7d4082c60778a4945de398383f46ebfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://flatbellytonic.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 64259
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76120
cf-request-id: 089f6d266d0000c29a0527c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FZuY%2BLaEtjD1s3XzGS8sB%2F2UKI4cpklnJlKrquALv%2Bh3OE%2BLrjgVi9VrNffbNlsrpOmK3fK%2F7fZZtSID6Pw06EnjtMkLSNYXWT289TM1%2FRhCwxQgR1IS6Kp5QCXXLdBIUQ%3D%3D"}],"max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62ac17b719d6c29a-FRA
expires: Tue, 22 Feb 2022 15:21:08 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 84 KB
33 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXXF3HZ&cid=1778407814.1614871269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ff89d95d11f91a8c74b5a07c351274b0ad489ee69662c0190ef36c0e2d74e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33732
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 15:21:09 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 150ms
11ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 15:15:28 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 132ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 jquery.easing.min.js Show response
flatbellytonic.com/js/ 2 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/jquery.easing.min.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11edaf6e0b3e4243862dc8ed252f230eb1309599777d061272c5da2d2f6898a6

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973390
cf-request-id: 089f6d273a0000bece82192000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:17 GMT
server: cloudflare
etag: W/"5daac165-9fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jlFYkMiUK82R2GzeBhlLDBpr%2F4iir2lI7MREn9Etoz%2FyuJxzMT%2FCv5prlz9JqpYlHuyKT3qwZigEBCJjd2iWtvTntka5gF%2FnlUl9VU9FgJVk%2Fo0XxQZKshwJHndyBmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b85e02bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scrollreveal.min.js Show response
flatbellytonic.com/js/ 9 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/scrollreveal.min.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd08659fe0f20fd14dcf4c3c5acdde64de96028174f59b0b3dc776b62be789b9

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1236276
cf-request-id: 089f6d273a0000becea30ea000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:18 GMT
server: cloudflare
etag: W/"5daac166-2387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WjCr64BaiPv75zJ8WkbAb%2FT9UFwaOiBxBZOlxUJebK%2F5%2FeN%2FOlG5pBgSFwj95gRqiDzLjBg29805fr6UbUavTzhhP9XZl7BVQCdtddBHa3cH9Xps6yvyc94q3ZI2KIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b85e03bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
flatbellytonic.com/js/ 20 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/jquery.magnific-popup.min.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973390
cf-request-id: 089f6d273a0000bece97166000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:18 GMT
server: cloudflare
etag: W/"5daac166-4ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dy9u6m6KBbfP3%2FwJALAL%2Fi46ryfYu6OyTAzwXgBsOApu8q0w%2BrE%2BW7OMBR5HowAaqldWZWK92OyUpqtyKJR1JJrkYkP%2FVydyOXcz7r%2FInY35HE%2B068amn2jWx94gVbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b85e04bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 creative.min.js Show response
flatbellytonic.com/js/ 1 KB
861 B 19ms
18ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/creative.min.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e307dd39268095540e7188c0c65ddb972bd69c301504cfa7ba0e7e64ce00c874

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973390
cf-request-id: 089f6d273b0000bece9b93f000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:17 GMT
server: cloudflare
etag: W/"5daac165-46e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bvZ1YrFxmzYeGVK0STfVYww%2BGcGSIclUkM7AO3P3LaX%2BEYNzT1qDDp8%2BODfLClFhmVn%2FHvrpep9limVSkgsRadUZufUKcvC5LBDgUqqVrJZk3D7GpKhP%2FjbuCjCSrgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b85e05bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 42 KB
2 KB 54ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99ad68b8bad7cfac716ba8088c1217ef2830623f84e89c1557a83108c5f3d481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:21:09 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 6 KB
1 KB 50ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,700i

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3a3974b3e0ef84fbddc95de94cb961807d109ae890e7fc4a03a70b9d708319c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:21:09 GMT
server: ESF
date: Thu, 04 Mar 2021 15:21:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 15:21:09 GMT

GET
H2 200 jquery.js Show response
flatbellytonic.com/js/ 95 KB
33 KB 20ms
19ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/jquery.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cde2e5c8bf73b290cef56ece81d2ef89292517b75efa8bf50efebc9e1872a55b

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3288132
cf-request-id: 089f6d273b0000becebd1cc000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:18 GMT
server: cloudflare
etag: W/"5daac166-17bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h%2BzGMD9%2FMcgJcFTaiROcHNQMCZEGt9NBojTHANTS2okRVfDHLcYvT8ZSHuNmCiVsb8xH1LXexL1NKbxQHae2RiLX3eLUA%2FA6MnamnZc80i6GGtanhgKPSnB8WZvqMjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b85e06bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.js Show response
flatbellytonic.com/js/ 36 KB
10 KB 19ms
17ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/bootstrap.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1236273
cf-request-id: 089f6d273f0000bece9daab000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:17 GMT
server: cloudflare
etag: W/"5daac165-900a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A3kzPWmVTemz%2FXO3qConUlbHid%2BrlbnRJtImdYt9FbpnznfVdcsIDBpqPgc29RZ5gHPx3T7Rnz%2BKgQinWVwD%2FJoxRawUMjDS9DIR9HH3qObkmn60GusAd6piTqGzWUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b86e07bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 exit-pop.js Show response
flatbellytonic.com/js/ 4 KB
2 KB 21ms
19ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/js/exit-pop.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7803894e43d20cf0c364b210197b4b645dc8f09ccba0e0e8cb0c2881fe061d16

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3381629
cf-request-id: 089f6d273f0000becea294b000000001
pragma: public
last-modified: Sat, 19 Oct 2019 07:55:17 GMT
server: cloudflare
etag: W/"5daac165-107d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cQ3lbZTh3XJgq540IaTlnX5GkLEkqp8w8gTwMS4RuIwvgRWIW64RoAEMIMNVCfVoIh8vM3TNNFKyWUjbwqZN0EGs%2BPBoV04F3nXvv9IwKJiQusHHxZr5S9oDMTnnuyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b86e09bece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bounceback.min.js Show response
flatbellytonic.com/sp-vsl-1/js/ 3 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/js/bounceback.min.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7973390
cf-request-id: 089f6d27420000becea294c000000001
pragma: public
last-modified: Fri, 07 Aug 2020 10:24:36 GMT
server: cloudflare
etag: W/"5f2d2be4-b20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o7tUK3D24aIAiTnzxdogwvDjxnNsJ0MKKBsG1v%2BhIxDffWSiVuarmtwy7lKtieejjewovn%2FgZ2XGhORmbLJMpcMlE1%2FRP%2FLNOcm7s7nyMQ2gdUf59GMRIlmwTQ2sqfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b86e0abece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 youtube-sp-vsl-1-anw.js Show response
flatbellytonic.com/sp-vsl-1/js/ 4 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e13e6a7bc64bc2914fd9db16689f2eeba2e7ac7cfaa413b7bf598618201e

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 185039
cf-request-id: 089f6d27410000beceac8d1000000001
pragma: public
last-modified: Tue, 02 Mar 2021 11:10:57 GMT
server: cloudflare
etag: W/"603e1d41-10ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Phu0HU%2BgTvTj%2BX%2FDtKGCgj5C%2F%2Fmos80siVpXO3ZGu44mjjz5yy1XAEC%2BiqbL2A%2FlB9Ix%2F6esLGtW0OuUw%2B5d1K4A4NulgVfruVachRH6px419%2B9CLslJHyIC1nre%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 62ac17b86e0bbece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
cbtb.clickbank.net/ 937 B
1 KB 637ms
211ms Script
text/javascript 54.203.38.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cbtb.clickbank.net/?vendor=fbtonic
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.38.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-38-120.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
cache-control: max-age=900
server: Apache
content-length: 937
content-type: text/javascript;charset=UTF-8

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
74 B 13ms
13ms Other
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RVMCJD3EXZ&gtm=2oe2o0&_p=1181327254&sr=1600x1200&ul=en-us&cid=1778407814.1614871269&_s=1&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&dt=(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism&sid=1614871269&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RVMCJD3EXZ
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flatbellytonic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 778088769409857 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/778088769409857?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37eb884e65edb300a90e34cdf96fad3b1a90a17a14339d28d1e145bf39efa0b7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70589
x-fb-rlafr: 0
pragma: public
x-fb-debug: ilKXBboQBlfh2QJExav1WRY+rY22OeIfM6OavYmb+mJS5MjmN/zZ70TDLGV12FyOmHwdufvZrwPT8bwaPX+BqA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 04 Mar 2021 15:21:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
301 B 190ms
142ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=54472&d=flatbellytonic.com&u=D76A84F5E8102AE9E9634BF4FD1EAD3AB&h=d72703e68f75a5591ac6ab1a4d321553&t=false&r=0.2941410762352694

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:08 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1181327254&t=pageview&_s=1&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&ul=en-us&de=UTF-8&dt=(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=561437521&gjid=72706178&cid=1778407814.1614871269&tid=UA-62882424-25&_gid=1733476324.1614871269&_r=1&_slc=1&z=422208358

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flatbellytonic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1181327254&t=pageview&_s=2&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&ul=en-us&de=UTF-8&dt=(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=&gjid=&cid=1778407814.1614871269&tid=UA-62882424-25&_gid=1733476324.1614871269&z=809720567

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 12:28:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10361
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 183313573238513 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/183313573238513?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f63038e82411f7d41b24013c079d99e88de35bf930d6ba9ceac87dfeb8c67ad1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: OMRWbYe7s4l5WqqgeH7HEhLQ/DNyaKq/86TRGne0RcPNbcNGD5X01RiFlD9fLmqYPeZ6dajQajeryn7jPeVRUA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 810 B
975 B 40ms
34ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d960062424eec119eaf55c137f7dad6e793ae42360e0b5ed9f7d23f00801865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:21:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://flatbellytonic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 16:23:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 169044
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 02 Mar 2022 16:23:45 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://flatbellytonic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 23:46:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 56099
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 03 Mar 2022 23:46:10 GMT

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/ 106 KB
38 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0096bdfd5ee9660448f45c4dbe4060d184c4e0bd353b01a8f27a8ae3180b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 04:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 40475
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38396
x-xss-protection: 0
expires: Fri, 04 Mar 2022 04:06:34 GMT

GET
H2 200 131112602186963 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/131112602186963?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

079d3cede42c73b6a910ce40e7d02d893b35602770759dc073a51712c6ac524d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: AO30U1cmXhZaMEbe+jic2o6Oi2c7BhS9WTnUKQ3iQ6UR1CMOzzIYLve80XWEPdPPZuUCLd4sVJuGr2nX1prA8w==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 5PviYspwkmI Show response
www.youtube.com/embed/ Frame 96D6 51 KB
21 KB 48ms
48ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a2c74a232690252c4e677963ccaa51c0c63071d91e7ceb7c805025b8ecc2d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://flatbellytonic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=GsUwj9WXwEk; VISITOR_INFO1_LIVE=asjixhn-5y0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://flatbellytonic.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 04 Mar 2021 15:21:09 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+506; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 239504201075936 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 135ms
134ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/239504201075936?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3029cf341f3f37c2317581034dcc6da3e3392768d62c1f9210beb34c7203a4dd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Z0gew+Yp6m+HyYU7ch1fRcumoCCRob44Bb8NaA2owOZGeEQVeFWMqOA1ZJAGPQEWY3daW5Bq8l0L1GD5pmhI5Q==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/0d54190b/ Frame 96D6 340 KB
51 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 15:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 171324
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Wed, 02 Mar 2022 15:45:45 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/0d54190b/www-embed-player.vflset/ Frame 96D6 157 KB
57 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2545a8e726304bbcce185eec7a251329f281cdf72dc4b453031e9ba12ae94d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 66810
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58559
x-xss-protection: 0
expires: Thu, 03 Mar 2022 20:47:39 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/ Frame 96D6 2 MB
503 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aacbe59e92cf2bbb057f91f63582dc32bdca7d3c4c182be06c69b5f4d7e0cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 76209
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514535
x-xss-protection: 0
expires: Thu, 03 Mar 2022 18:11:00 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0d54190b/fetch-polyfill.vflset/ Frame 96D6 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 22:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 60981
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 03 Mar 2022 22:24:48 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 96D6 10 KB
11 KB 16ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 22:24:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 60980
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Thu, 03 Mar 2022 22:24:49 GMT

GET
H2 200 269910764479242 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 54ms
54ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/269910764479242?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d64ceaba33147830c61f1a8537b53ee857c5150a73e8227fd70c3d1448d8ed46

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: btjbzu7xUVi5w4uFfm0JEQjhcws2a1WCruTzXcBa+Zxh9LVo9w+MBG6czZ3VMDq7+DypIhnGG8LBhSfU6jfp1w==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 96D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
921 B

69ms
53ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33012d2e2fec4556df4c1dcfb6c6693006f8e5cebf881971ce33ea8c5480dfdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 04 Mar 2021 15:21:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 96D6 29 B
407 B 35ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:15:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 339
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:30:30 GMT

GET
H2 200 ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js Show response
www.google.com/js/th/ Frame 96D6 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ZDoFSjlC6WOxM06dCm0rjuyFyk1e0QlbI07811h2i4s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 15:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 84139
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14344
x-xss-protection: 0
expires: Thu, 03 Mar 2022 15:58:50 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/ Frame 96D6 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be458dd03e4695e9971cc1bd5971c418fa5921684a2654e1f855bf15cdf0bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 09:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 22061
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9680
x-xss-protection: 0
expires: Fri, 04 Mar 2022 09:13:28 GMT

POST
H3-Q050 200 player Show response
www.youtube.com/youtubei/v1/ Frame 96D6 73 KB
17 KB 83ms
82ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be6d3d839e9687c6dd97195186f43cacc4601de9573afbd9213eb6eee0089dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210301.1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Goog-Visitor-Id: Cgthc2ppeGhuLTV5MCjl9YOCBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17431
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 456872095661931 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/456872095661931?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54b920447ce90ef70e8f569000b5a2fc2073d662d739052c5dc125c132770461

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 70cZ0pcKKTA9QL11hk59SPwG1Y1rJ1UExKXbN+iayojt/1TYFaEs3MhD1U3WJBaw3uLkWF6+7ZY3rKfsE4zjZw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 96D6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhXVKlBIKoB6Ovl8nS1y9CNJrCS_-sMnIA6Pw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 96D6 1 KB
2 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhXVKlBIKoB6Ovl8nS1y9CNJrCS_-sMnIA6Pw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c2704273f5ea424fb0d841624a1b30816e2dfe106c27655e1b80e311ad5d466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 11:22:33 GMT
x-content-type-options: nosniff
server: fife
age: 14316
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1169
x-xss-protection: 0
expires: Fri, 05 Mar 2021 11:22:33 GMT

GET
H2 200 injectable.js Show response
prod.cbstatic.net/dist/ 187 KB
56 KB 166ms
60ms Script
application/javascript 143.204.90.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.cbstatic.net/dist/injectable.js
Requested by: Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-126.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 13:31:18 GMT
content-encoding: gzip
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
server: AmazonS3
age: 6593
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
x-amz-cf-id: vVWIK9wFYfpu-YLn5upc0lUSqwef2uGxIPL9lDjIv5Ad9rvcDLGVhA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4EE6 91 KB
23 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: eRd0Hvt/OXFBb6NNTXbXw/rgLrKKUKL4SP/pGt91o/OOnG38bB2Whx1JTv65JPhfdmhIylUdA5z8tWBOOfot2g==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ Frame 4EE6 1 KB
1 KB 43ms
12ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "7dfd742fa9951f09da578c3e4cfc7d96"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame 4EE6 120 KB
43 KB 50ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCRFKMN

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d26e7233a0ff21035416f9d5549c1ee2364210f465f925c84df600760096b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43676
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 96D6 0
15 B 6ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?cuOAuQ
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 result Show response
flatbellytonic.com/cdn-cgi/bm/cv/ 0
547 B 10ms
10ms XHR
text/plain 2606:4700:20::ac43:4470
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flatbellytonic.com/cdn-cgi/bm/cv/result?req_id=62ac17b34cc5bece
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4470 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WqgNVBp%2FsCZ8WSod%2F4Zz4TeSxPrVShs0p3kWCsbNPTXekRZLfasFEZHnUGkkhZDcr1zNa9VDyha0ttSyRKxrcAWoFwycyvp53pvcBluwy4kYzDpGg8Y%2FnLg2qnPviFE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 62ac17bf3f9abece-FRA
cf-request-id: 089f6d2b840000beceba355000000001

GET
H2 200 212444480609202 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212444480609202?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9edfb8293fa28fd10e12a06e365de892363611aa1f48a1a96725b58fdf6d10b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: es9I8WsDQcEtEa6EhOKmWQETm4B5SyR6EXP+W/N9Mmv8J6f+n+Gg9hT6ra+WTm2EtE8fn0PJCabnhOPlarUUww==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame 96D6 0
143 B 14ms
14ms Other
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=ExvEcGWH2axwX6hU&ei=5fpAYJGHO6LR8gOS0oWYDg&el=embedded&docid=5PviYspwkmI&ns=yt&fexp=23848212%2C23902200%2C23969934%2C23983296%2C23991329%2C23992808%2C23996624%2C24000882%2C24005870%2C24006795%2C24007246%2C24007901%2C24009445&cl=360252958&seq=1&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210301.1.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&vps=0.000:N,0.096:S,0.374:S,0.374:S&cmt=0.096:0.000,0.374:0.000&afs=0.373:251::i&vfs=0.374:243:247::r&view=0.374:1156:650&bwe=0.374:130000&bat=0.374:1:1&vis=0.374:0&bh=0.374:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 140 KB
141 KB 22ms
7ms XHR
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=video%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=69657864&dur=3813.233&lmt=1614789906244580&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgSNd5QnPZKMUW-5u_QiGRNWknujvvpUA5oTNVPQJnII8CIQCBG2xVt3OzfyGSJy2hb6FAzB0Eo_NEb-N8_bKMZpsWnA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=0-142887&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6961ab7c1faee1f3ece54704c4cfa41c06510ce47be64a3186d648c855a8e59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:10 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 142888
Last-Modified: Wed, 03 Mar 2021 16:45:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H/1.1 200
OK videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 71 KB
72 KB 20ms
6ms XHR
audio/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=251&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=audio%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=55476590&dur=3813.301&lmt=1614784730903104&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPSs6CyM8QWV9oCLNNh2kod25a8CrXSlcDWmBFDM4n1QAiAKIpHCfaK0D7Xfw9uEi-Mk0YwVqL8gUDLmbrqVDJwCrg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=0-72560&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0c4bc236d33543fec45e85d7f98d345b128bbba1b3e43605cddc8ed5a017fbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:10 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 72561
Last-Modified: Wed, 03 Mar 2021 15:18:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H3-Q050 200 captions.js Show response
www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/ Frame 96D6 54 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38fea7ab7a1a0c88fc3ff0ff0a641806af392aafe9c2eeed90930ac4a10863ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 15:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 171314
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20009
x-xss-protection: 0
expires: Wed, 02 Mar 2022 15:45:56 GMT

GET
H3-Q050 200 endscreen.js Show response
www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/ Frame 96D6 26 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08205f9529e54321dc1b90efa27f08c6a31106fab7bf50b957edbc7f9144c987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 15:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 01:37:23 GMT
server: sffe
age: 171311
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7447
x-xss-protection: 0
expires: Wed, 02 Mar 2022 15:45:59 GMT

POST
H3-Q050 200 next Show response
www.youtube.com/youtubei/v1/ Frame 96D6 9 KB
2 KB 158ms
158ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93de6f14273d9d3347a0d8a161442a2d486d99120cd826ad8b643ed021514852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210301.1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Goog-Visitor-Id: Cgthc2ppeGhuLTV5MCjl9YOCBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1854
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 main.2a04f3ee.js Show response
s.pinimg.com/ct/lib/ Frame 4EE6 48 KB
17 KB 13ms
13ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "248210fef24a364a0e167a9a4db13563"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17102
access-control-expose-headers: X-CDN

GET
H2 200 2888873964727822 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2888873964727822?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2922363028e009e173582063a49272ec371ad4277fde8479479e39ae457489b5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70549
x-fb-rlafr: 0
pragma: public
x-fb-debug: QWnfmLEqefKs+eTH8n3Sxr8tJCzMxoIzyHkF1oBVsP7PbDv51kE70f9HRmhU8dmRupbHk9D1en/7n0camGdv9Q==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 4EE6 137 KB
53 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M8N8Y6L9WC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCRFKMN

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c72b6f5c0404d324ac2182a6e5a07117f4872649b374310472f8aaec0488439d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53801
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1139379/ Frame 4EE6 64 KB
22 KB 156ms
53ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1139379/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCRFKMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edde1b9df2511ea03fe276ff88a6cc4805667702abc5472c94b896653b0f0ce3

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: UXtxJLUkzdV0CJFfgPmCvKk.5SfSKVEU
content-encoding: gzip
etag: "167d6f477cfd52b318355cb70524e8e5"
age: 116
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21908
x-amz-id-2: 3BI1SbVTgudtJDM6oHovgapV0+wP0MJdpXtJzwjddzAjUVo2mm+7fOMoKTdp5Gr5FUDIpTe3hzI=
x-served-by: cache-hhn11522-HHN
last-modified: Mon, 22 Feb 2021 13:47:34 GMT
server: AmazonS3
x-timer: S1614871270.479940,VS0,VE1
date: Thu, 04 Mar 2021 15:21:10 GMT
vary: Accept-Encoding
x-amz-request-id: J1XBD1WQJHEQSBWN
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 97
x-cache-hits: 1

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 4EE6 12 KB
3 KB 292ms
179ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1614871270357&source=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCRFKMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e6581740409cbb48a59ba88af56b50c6c875639fd0e7e3ec31586349b32f91c

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 919ae115-921a-476f-9e9d-dd6f9484656d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 62ac17c09fcd4c14-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089f6d2c6200004c14d609c000000001
server: cloudflare

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ Frame 4EE6 7 KB
3 KB 140ms
46ms Script
application/x-javascript 184.30.21.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCRFKMN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 14:42:51 GMT
Server: AkamaiNetStorage
ETag: "c43e7f1b0459d05cce32768dd16af59b:1611585771.492103"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Thu, 04 Mar 2021 15:41:10 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/PLBG62QPLZBFDGTJVENBJT/ Frame 4EE6 38 KB
13 KB 153ms
67ms Script
text/javascript 184.30.20.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/PLBG62QPLZBFDGTJVENBJT/roundtrip.js
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 88f7376149b15c136de828f71e298a5a48985d56288f1a4a3f0b061ef9710fbb

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FvplE2P9WEKBDHh_MuUCkFxRyYrWWrPu
Content-Encoding: gzip
ETag: "869fea12bb6c97a2898f449f1921934d"
x-amz-request-id: KC7Z4N4PETR53BVJ
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12400
x-amz-id-2: HMw9GWU5/VEGRXpuXChdKRMt3dciBA14uWjAyqSMlwV/24BoS6+1EwTaYu2Z0OY3VuzoUpnYT6c=
Last-Modified: Thu, 04 Mar 2021 00:25:57 GMT
Server: AmazonS3
Date: Thu, 04 Mar 2021 15:21:10 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4EE6 96 KB
27 KB 335ms
240ms Script
application/javascript 104.126.36.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0VROHRM56Q7UP188R3G&lib=ttq
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-56.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2437e3296f4142fdd7e843c01dfcf729e204575ec698c22e2a6bfd778d79e9cb

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-akamai-request-id: 519d611b.dd2045e
date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-51-193-110.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614871270571998
x-cache: TCP_MISS from a104-126-36-52.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 197,104.126.36.52
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=42, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202103041521100101151531940804C316
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,184.51.193.110
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 WRD65LAYBZDULPXP2DWF5H
d.adroll.com/ipixel/PLBG62QPLZBFDGTJVENBJT/ Frame 4EE6 42 B
181 B 183ms
61ms Image
image/gif 18.203.10.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/ipixel/PLBG62QPLZBFDGTJVENBJT/WRD65LAYBZDULPXP2DWF5H?name=56a70084
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.10.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-10-130.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H3-Q050 200 videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 14 KB
14 KB 16ms
9ms XHR
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=video%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=197194853&dur=3813.233&lmt=1614789906246025&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPQJ2iw2tmrewxQuQQCw-v---keMxdV8yPZ5PU4mDJLBAiBZ94lD8RQo0FwW2RdfBrwPFKb1yTA_SGYnOMPg65M_Gw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=0-14009&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2435d41e8e002c111ce2f7f8e33ed0479a19f693bb81d6e340b14a304a90790f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14010
client-protocol: quic
last-modified: Wed, 03 Mar 2021 16:45:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H3-Q050 200 videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 64 KB
65 KB 8ms
7ms XHR
audio/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=251&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=audio%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=55476590&dur=3813.301&lmt=1614784730903104&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPSs6CyM8QWV9oCLNNh2kod25a8CrXSlcDWmBFDM4n1QAiAKIpHCfaK0D7Xfw9uEi-Mk0YwVqL8gUDLmbrqVDJwCrg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=72561-138096&rn=4&rbuf=3377

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c7d09355d97b402e639d636c633900975ada1467b680a78363658ef3a9fbe3a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Wed, 03 Mar 2021 15:18:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 836605117092232 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 54ms
53ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836605117092232?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c383d637906b82debf30f05998d42274ce5d3cc64c7fa4b847ccb68915e5fd81

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: YkulEJoXG9fYkcAV1JdvyTm1pMhfJCpZVuYl9ThC+O4gi8n18BYNbOvMhEYHkH4C45dpfgwdiwde9lUXk1nigQ==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 144 KB
145 KB 8ms
8ms XHR
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dd20f4627fcc9d2ce601e20aef14b568d4576cf69ed34ea3b4ccd0f5e185f55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147941
client-protocol: quic
last-modified: Wed, 03 Mar 2021 16:45:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ Frame 4EE6 38 B
512 B 184ms
79ms XHR
application/json 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614030225044&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1614871270451

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
access-control-allow-origin: https://go.maxweb.com
x-envoy-upstream-service-time: 6
x-pinterest-rid: 1771696438068025
pin-unauth: dWlkPU1UWmpNV1JsWTJJdE5ESTFZaTAwWWpWbExUaG1ZVEF0TkRJM05XSXpOVFJtT0RjeQ
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 64
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ Frame 4EE6 35 B
301 B 182ms
78ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614030225044&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df%22%2C%22ref%22%3A%22https%3A%2F%2Fflatbellytonic.com%2F%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1614871270452

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
content-length: 35
x-pinterest-rid: 3389333915249112
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 416904992924867 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 57ms
55ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/416904992924867?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c47266d7e9eb776449a7ea4a61c9471ce175dc94b0c22110a59ca9285f3a13af

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: mXfSjUwy1UEb9KTTgiESRGeWHX4AgzIVIclDvQPKb14m3tRFteuRWDmSEHiMdYyqCC29lJ9ekjWAG+PXphSglw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 app-strings-en.json Show response
prod.cbstatic.net/dist/i18n/ 9 B
444 B 140ms
46ms XHR
application/json 143.204.90.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by: Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-126.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept: application/json
Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 13:31:19 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
vary: Origin
age: 6592
x-cache: Hit from cloudfront
content-length: 9
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
server: AmazonS3
etag: "cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: tQOkSB7Cr-Bq7ePwJQax65GPz5nQdZC4WTsv0IAVHIChsDvczOykIA==

GET
H2 200 logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ 3 KB
4 KB 53ms
52ms Image
image/png 143.204.90.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-126.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 13:31:19 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
server: AmazonS3
age: 6592
etag: "47cdefc96f75be3d978d4b444737b00e"
x-cache: Hit from cloudfront
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 3472
x-amz-cf-id: LmPdC2lCjq9L28H_M95k8V5NMaqeK68BPnHYmxUTJUb_evN0h0P2Fg==

GET
H2 200 logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ 4 KB
5 KB 53ms
52ms Image
image/png 143.204.90.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-90-126.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 13:31:19 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
server: AmazonS3
age: 6592
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
x-cache: Hit from cloudfront
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 4341
x-amz-cf-id: L15YJIJjRxLihDKjAU6zGkl2phBzwXYy04HgQmCgALiEWmaTfqVEMQ==

GET
H2 200 blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ 4 KB
4 KB 36ms
21ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by: Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: 2fb7599780471e8352d1be9de3310547427d5e0d7807aab7e22228601c9044c0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Mon, 01 Mar 2021 09:09:54 GMT
server: keycdn-engine
x-aspnet-version: 4.0.30319
x-edge-location: defr
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-shield: active
content-length: 4284
expires: Thu, 04 Mar 2021 19:21:10 GMT

GET
H3-Q050 204 playback
www.youtube.com/api/stats/ Frame 96D6 0
21 B 16ms
15ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=ExvEcGWH2axwX6hU&docid=5PviYspwkmI&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5PviYspwkmI%3Fautoplay%3D1%26cc_load_policy%3D0%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26modestbranding%3D1%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26host%3Dhttps%253A%252F%252Fwww.youtube.com%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fflatbellytonic.com%26widgetid%3D1&cmt=0&ei=5fpAYJGHO6LR8gOS0oWYDg&fmt=243&fs=0&rt=0.567&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fflatbellytonic.com%2F&lact=601&cl=360252958&mos=1&vm=CAEQABgEKiA2aFpWaGJQdV81bDNjSXBMWnFxR3JSX2ZydkZCdDhPazoyQU9HdF9PSmJkNUlTS0ZHSzJmczVJUkJJWW1ab05ZUjdjT3RhMmtDZmUzcXE1ZGFjTlE&volume=0&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210301.1.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=3813&fexp=23848212%2C23902200%2C23969934%2C23983296%2C23991329%2C23992808%2C23996624%2C24000882%2C24005870%2C24006795%2C24007246%2C24007901%2C24009445&rtn=11&afmt=251&size=1156%3A650&inview=1

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 ptracking
www.youtube.com/ Frame 96D6 0
104 B 14ms
14ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=5PviYspwkmI&cpn=ExvEcGWH2axwX6hU&ei=5fpAYJGHO6LR8gOS0oWYDg&ptk=youtube_none&pltype=contentugc

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 qoe
www.youtube.com/api/stats/ Frame 96D6 0
23 B 15ms
15ms Other
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=251&cpn=ExvEcGWH2axwX6hU&ei=5fpAYJGHO6LR8gOS0oWYDg&el=embedded&docid=5PviYspwkmI&ns=yt&fexp=23848212%2C23902200%2C23969934%2C23983296%2C23991329%2C23992808%2C23996624%2C24000882%2C24005870%2C24006795%2C24007246%2C24007901%2C24009445&cl=360252958&seq=2&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210301.1.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&ctmp=loudness:2.700,appendpause:t.595;dur.45;abuf.3061;vbuf.5400&user_intent=0.097&vfs=0.597:247:247:243:r&view=0.597:1156:650&vps=0.597:S,0.597:S&bwm=0.597:442936:0.405&bwe=0.597:642133&bat=0.597:1:1&cmt=0.597:0.000&bh=0.597:3.061&df=0.597:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 2 MB
2 MB 7ms
6ms XHR
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=video%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=197194853&dur=3813.233&lmt=1614789906246025&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPQJ2iw2tmrewxQuQQCw-v---keMxdV8yPZ5PU4mDJLBAiBZ94lD8RQo0FwW2RdfBrwPFKb1yTA_SGYnOMPg65M_Gw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=927899-2799688&rn=6&rbuf=10400

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0e3920f21c13b085ac78a155b4b9cb9dee63c770092c3b8efa09bd4e4f468e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1871790
client-protocol: quic
last-modified: Wed, 03 Mar 2021 16:45:06 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ Frame 4EE6 35 B
239 B 540ms
129ms Script
application/javascript 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0030debcbb8de0909fb77777e83e1ccda6
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:11 GMT
content-encoding: gzip
X-TraceId: 48a758d37031d5ed1a6169baacfe644c
Content-Length: 56
Content-Type: application/javascript

GET
H2 200 265865081562477 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/265865081562477?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33d83fdbb899b122bf34d35a42efe335d87ceb106aabfe1c776f51a9529df537

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: vyxsgcgOzsRHRaR6TDjQjCUI7awX4lUOZ7lHRrBF+62U6TRykDS5PB34gQrIVZTjSS4Mi6gw+c2ExWL0rIrXAw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/ Frame 4EE6
Redirect Chain

https://s.adroll.com/j/exp/PLBG62QPLZBFDGTJVENBJT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

42ms
42ms

Script
application/javascript

184.30.20.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Thu, 04 Mar 2021 15:21:10 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 04 Mar 2021 15:21:10 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2

200

/ Show response
d.adroll.com/consent/check/PLBG62QPLZBFDGTJVENBJT/ Frame 4EE6
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/PLBG62QPLZBFDGTJVENBJT?_s=a134f9ed1449595ddefdde853d09cb70&_b=2
https://d.adroll.com/consent/check/PLBG62QPLZBFDGTJVENBJT/?_s=a134f9ed1449595ddefdde853d09cb70&_b=2

395 B
487 B

61ms
61ms

Script
application/javascript

18.203.10.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/PLBG62QPLZBFDGTJVENBJT/?_s=a134f9ed1449595ddefdde853d09cb70&_b=2
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.10.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-10-130.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 0a6f2bd7d8e608501c21972dc822a6532c065e39a49ee45cb74f36fdf09a5289

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
server: nginx/1.18.0
content-length: 395
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/PLBG62QPLZBFDGTJVENBJT/?_s=a134f9ed1449595ddefdde853d09cb70&_b=2
date: Thu, 04 Mar 2021 15:21:10 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 801098453775709 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/801098453775709?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bcde1ca1d5db4a66dc07e87d8aa2fa818e0bd96bc587405e1df93cac2d54ebfa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 3fw0mEB8O6Uu0/HPP1r+Q3KcVOo5xGUIY4K3bscd/L4kBl/O7aU3vgJauThdlrJzwoKtdfT8hdRJ9J8jlV0Obw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 120 KB
120 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=251&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=audio%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=55476590&dur=3813.301&lmt=1614784730903104&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPSs6CyM8QWV9oCLNNh2kod25a8CrXSlcDWmBFDM4n1QAiAKIpHCfaK0D7Xfw9uEi-Mk0YwVqL8gUDLmbrqVDJwCrg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=138097-261392&rn=7&rbuf=6754

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7894756b505367d3bc19f9662a2f92a36cc5ce39fdb6e11918a4b17b550bed5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123296
client-protocol: quic
last-modified: Wed, 03 Mar 2021 15:18:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 325387328702423 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/325387328702423?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb7abbd92e352298ac030a95aea886865adcfa9efbeec5d77769f83ee290fd25

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: EqKElroU6Fd4hvs8P5MY6pzJNWl9WZe5DP7KBge6TQ8QMSHgm28JT8lUMEUsvis+KKuqdOfyALpRs1+tF6HwmQ==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ Frame 4EE6 0
242 B 184ms
76ms XHR
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1661599372378686
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 40ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=443330690030382&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270655&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 40ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=778088769409857&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270657&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 40ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=183313573238513&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270658&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 40ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=131112602186963&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270659&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 40ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239504201075936&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270660&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 40ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=269910764479242&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270662&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 14ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=456872095661931&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270663&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 14ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212444480609202&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270664&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=836605117092232&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270665&sw=1600&sh=1200&v=2....
https://cx.atdmt.com/?c=8288144878306928600&f=AYzXFnI7r_dCApBw6HZRjcKsLj9kGN9Wb6J3Hy1BjgdjLjJzYPggH3lkjFyZG6NaZKjPvupRilmv3_3AujrDbAmv&id=836605117092232&l=3&v=0

43 B
638 B

63ms
33ms

Image
image/gif

2a03:2880:f006:2:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=8288144878306928600&f=AYzXFnI7r_dCApBw6HZRjcKsLj9kGN9Wb6J3Hy1BjgdjLjJzYPggH3lkjFyZG6NaZKjPvupRilmv3_3AujrDbAmv&id=836605117092232&l=3&v=0

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:2:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: tbqD6tqzNxZZfWQfCRB5RIoRm9vLwlas7nmUv0Nl6MXQlD5cQP5dTi6/YoM7vBMOUdpwWJTY9MCrGEM5pbjlIw==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 07:21:10 PST
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Thu, 04 Mar 2021 07:21:10 PST

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=8288144878306928600&f=AYzXFnI7r_dCApBw6HZRjcKsLj9kGN9Wb6J3Hy1BjgdjLjJzYPggH3lkjFyZG6NaZKjPvupRilmv3_3AujrDbAmv&id=836605117092232&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 14ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=265865081562477&ev=ViewContent&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871270667&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&tm=1&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 1x1.gif
a.mgid.com/ Frame 4EE6 43 B
133 B 179ms
178ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=612295&type=c&tg=__gtm_interest_target&r=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&gtms=interest&gtmc=lead&d=1614871270676
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 62ac17c1eaf64c14-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089f6d2d3000004c14bd2f2000000001

GET
H2 200 1x1.gif
a.mgid.com/ Frame 4EE6 43 B
125 B 295ms
295ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=612295&type=c&tg=&r=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&utmc=0&utmt=0&nv=0&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1614871270679
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 62ac17c1eb034c14-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089f6d2d3300004c143499b000000001

GET
H2 200 243903780468843 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 51ms
51ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/243903780468843?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2373b2b1a676587be85e0104457bd4bb3e13b7379257ac30f1a0607c2666e5a7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: iFMdTOXUXjGp0YmKo/tBudTpnb+lBber4EIPHnS0FQ99hucxEYBRbtP7dQcdlmzKIiqhOhsVc2yu+euyK/2aPA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4EE6 140 KB
39 KB 233ms
233ms Script
application/javascript 104.126.36.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0VROHRM56Q7UP188R3G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-56.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-akamai-request-id: 965a081e.dd206e3
date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-61-205-60.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614871270839835
x-cache: TCP_MISS from a104-126-36-52.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 176,104.126.36.52
server-timing: cdn-cache; desc=MISS, edge; dur=183, origin; dur=6, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202103041521100101151531951704AC42
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.61.205.60
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4EE6 59 KB
20 KB 240ms
239ms Script
application/javascript 104.126.36.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C0VROHRM56Q7UP188R3G
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0VROHRM56Q7UP188R3G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-56.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ea9eb3da93a192f3e6f71dc1d5755ca395d4a4b7dfba27d89ccf380c95605e9c

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-akamai-request-id: 63544417.dd206f9
date: Thu, 04 Mar 2021 15:21:10 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-28-72-44.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614871270845820
x-cache: TCP_MISS from a104-126-36-52.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 178,104.126.36.52
server-timing: cdn-cache; desc=MISS, edge; dur=177, origin; dur=5, inner; dur=4
content-length: 19422
pragma: no-cache
server: nginx
x-tt-logid: 202103041521100101151761561C717C68
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,184.28.72.44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 240344064156928 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/240344064156928?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18d80c363c27a77f1a0c0e2266dd2e6f6cb169b40684e0fe6fde2513ab813d8b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 3mOMO0FUEE8tH/txjz9gwzHAktl7ma+Y/Pns6bYGbyReb1oXYm5nrHrljqb8WhIXu3OqaAz7b4WGLg+tii1UQg==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 453432442341748 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 53ms
53ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/453432442341748?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

712034ca2d12c48e5019b049b30704e41ee6da8fc2e7faff51856eaaca0a367e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: OGeOQVF3mSNkhmpZiC4gLk9eM/1S98SCVfi36uHK0/55rTuMh8PG710jgEs8kakOAzSivFD7M4lC4KnU4XD2TQ==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1144322079242987 Show response
connect.facebook.net/signals/config/ Frame 4EE6 241 KB
69 KB 54ms
52ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1144322079242987?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0dd9e3efde56555ac3c295a58f4fd40c037096909ecc53ab376c66e89151989

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: euz73l6K8xhmusPlIkn28z5FvKcqA5U7bFy8YpvBFQIFjfjCT7XgNzn0cYU2mxsq8WWR9d4tGfAKW3ljhiUZIg==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 04 Mar 2021 15:21:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 13ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2888873964727822&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270901&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 14ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416904992924867&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270904&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801098453775709&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270906&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 16ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325387328702423&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270908&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 16ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=243903780468843&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270910&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 17ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=240344064156928&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270912&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 error
connect.facebook.net//log/ Frame 4EE6 0
0 37ms
34ms Image
text/html 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.33&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F2888873964727822%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F2888873964727822%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F2888873964727822%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F2888873964727822%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9349)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9985)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A8768)&ue=0&rs=stable&rqm=FGET
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 16ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=453432442341748&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270914&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 17ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2888873964727822&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270916&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 17ms
15ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416904992924867&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270917&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 17ms
15ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801098453775709&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270918&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 16ms
15ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325387328702423&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270920&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=243903780468843&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270922&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=240344064156928&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270923&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=453432442341748&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270924&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
147 B 15ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2888873964727822&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270994&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416904992924867&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270996&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801098453775709&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270998&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325387328702423&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871270999&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=243903780468843&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871271001&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=240344064156928&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871271003&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=453432442341748&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871271005&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 15ms
14ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1144322079242987&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871271008&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614871270323&coo=false&rqm=GET

Requested by

Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 4EE6 0
568 B 231ms
230ms Other
application/octet-stream 104.126.36.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0VROHRM56Q7UP188R3G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-56.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9c609fa4.dd209bf
date: Thu, 04 Mar 2021 15:21:11 GMT
x-cache-remote: TCP_MISS from a184-51-193-148.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614871271141743
x-cache: TCP_MISS from a104-126-36-52.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 188,104.126.36.52
server-timing: cdn-cache; desc=MISS, edge; dur=148, origin; dur=41, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202103041521110101151531851704BFD8
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,184.51.193.148
expires: Thu, 04 Mar 2021 15:21:11 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 4EE6 0
562 B 201ms
201ms Other
application/octet-stream 104.126.36.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0VROHRM56Q7UP188R3G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-56.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6f84552e.dd209c5
date: Thu, 04 Mar 2021 15:21:11 GMT
x-cache-remote: TCP_MISS from a184-28-229-71.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614871271133141
x-cache: TCP_MISS from a104-126-36-52.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 157,104.126.36.52
server-timing: cdn-cache; desc=MISS, edge; dur=150, origin; dur=8, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202103041521110101151531931404A289
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,184.28.229.71
expires: Thu, 04 Mar 2021 15:21:11 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 4EE6 0
563 B 205ms
205ms Other
application/octet-stream 104.126.36.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C0VROHRM56Q7UP188R3G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-56.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 377f6be7.dd209ca
date: Thu, 04 Mar 2021 15:21:11 GMT
x-cache-remote: TCP_MISS from a23-61-205-87.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614871271134631
x-cache: TCP_MISS from a104-126-36-52.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 158,104.126.36.52
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=7, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202103041521110101151531851104CBF5
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.61.205.87
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ Frame 4EE6 43 B
256 B 168ms
127ms Image
image/gif 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0030debcbb8de0909fb77777e83e1ccda6&obApiVersion=1.0-gtm&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&optOut=false&bust=09474274765924386
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:11 GMT
Cache-Control: no-cache
X-TraceId: 79cdf49c2930e4bb5af8c4acd1b3a70a
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ Frame 4EE6 43 B
256 B 295ms
127ms Image
image/gif 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0030debcbb8de0909fb77777e83e1ccda6&obApiVersion=1.0-gtm&obtpVersion=1.4.1&name=WLVSLView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&optOut=false&bust=03874481595496959
Requested by: Host: go.maxweb.com
URL: https://go.maxweb.com/conversion/iframe/?a=6392&token=885ced23a162091efd2eee968e9821df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:11 GMT
Cache-Control: no-cache
X-TraceId: 6d1a3e1035fc1484310b98ab97bca4b6
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 13ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=443330690030382&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271157&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=778088769409857&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271159&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=183313573238513&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271161&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=131112602186963&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271163&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 13ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=239504201075936&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271165&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=269910764479242&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271167&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=456872095661931&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271169&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212444480609202&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271172&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 13ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836605117092232&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271175&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 12ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=265865081562477&ev=Microdata&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&rl=&if=false&ts=1614871271177&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614871270653.1146432278&it=1614871268932&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: flatbellytonic.com
URL: https://flatbellytonic.com/sp/vsl-1?hop=ngoc584&vendor=fbtonic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:11 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
147 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2888873964727822&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272404&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416904992924867&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272406&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 13ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801098453775709&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272408&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 12ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=325387328702423&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272411&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=243903780468843&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272412&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 12ms
11ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=240344064156928&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272414&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=453432442341748&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272417&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=3&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 4EE6 44 B
101 B 12ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1144322079242987&ev=Microdata&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6392%26token%3D885ced23a162091efd2eee968e9821df&rl=https%3A%2F%2Fflatbellytonic.com%2F&if=true&ts=1614871272511&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pixels%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614871270323&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.maxweb.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 04 Mar 2021 15:21:12 GMT

GET
H3-Q050 200 videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 224 KB
224 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=251&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=audio%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=55476590&dur=3813.301&lmt=1614784730903104&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPSs6CyM8QWV9oCLNNh2kod25a8CrXSlcDWmBFDM4n1QAiAKIpHCfaK0D7Xfw9uEi-Mk0YwVqL8gUDLmbrqVDJwCrg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=261393-490510&rn=8&rbuf=11393

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

29857480351f2651d2f0596c59f24fa57376641eb4848a77fc5e240f543de655

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 15:21:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229118
client-protocol: quic
last-modified: Wed, 03 Mar 2021 15:18:50 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 04 Mar 2021 15:21:12 GMT

POST
H3-Q050 204 atr Show response
www.youtube.com/api/stats/ Frame 96D6 0
46 B 17ms
17ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=ExvEcGWH2axwX6hU&docid=5PviYspwkmI&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5PviYspwkmI%3Fautoplay%3D1%26cc_load_policy%3D0%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26modestbranding%3D1%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26host%3Dhttps%253A%252F%252Fwww.youtube.com%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fflatbellytonic.com%26widgetid%3D1&cmt=4.488&ei=5fpAYJGHO6LR8gOS0oWYDg&fmt=247&fs=0&rt=5.125&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fflatbellytonic.com%2F&lact=5160&cl=360252958&mos=1&vm=CAEQABgEKiA2aFpWaGJQdV81bDNjSXBMWnFxR3JSX2ZydkZCdDhPazoyQU9HdF9PSmJkNUlTS0ZHSzJmczVJUkJJWW1ab05ZUjdjT3RhMmtDZmUzcXE1ZGFjTlE&volume=0&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210301.1.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=3813.301&fexp=23848212%2C23902200%2C23969934%2C23983296%2C23991329%2C23992808%2C23996624%2C24000882%2C24005870%2C24006795%2C24007246%2C24007901%2C24009445&afmt=251

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
X-YouTube-Client-Version: 1.20210301.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1614871269819&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1156%2C650&vis=1&wgl=true&ca_type=image&bid=ANyPxKqCGK0il5Regn_dA7Wim1BL08rTVyDl9TKP1_m0yYnhoQIkHuWi18fke2ED92chIKTanaP-wWmdLFF2_xQL-_4R3Eu5Ug

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:15 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
44 B 13ms
13ms Other
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RVMCJD3EXZ&gtm=2oe2o0&_p=1181327254&sr=1600x1200&ul=en-us&cid=1778407814.1614871269&_s=2&dl=https%3A%2F%2Fflatbellytonic.com%2Fsp%2Fvsl-1%3Fhop%3Dngoc584%26vendor%3Dfbtonic&dt=(3)%20Tonic%20discovered%20in%20Japan%20for%20astonishing%20effect%20on%20metabolism&sid=1614871269&sct=1&seg=0&en=video_start&_et=1328&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D5PviYspwkmI&ep.video_title=Japanese%20tonic&ep.video_provider=youtube&epn.video_current_time=0&epn.video_duration=3813&epn.video_percent=0&ep.visible=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RVMCJD3EXZ
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flatbellytonic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://flatbellytonic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 365 KB
366 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=251&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=audio%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=55476590&dur=3813.301&lmt=1614784730903104&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPSs6CyM8QWV9oCLNNh2kod25a8CrXSlcDWmBFDM4n1QAiAKIpHCfaK0D7Xfw9uEi-Mk0YwVqL8gUDLmbrqVDJwCrg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=490511-864483&rn=9&rbuf=18596

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

12ccbac50c7c14648b202718d8fae2ddc10e11662d092abc66a5f4873574f92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:19 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 373973
Last-Modified: Wed, 03 Mar 2021 15:18:50 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 04 Mar 2021 15:21:19 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 96D6 0
189 B 15ms
15ms Other
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=247&afmt=251&cpn=ExvEcGWH2axwX6hU&ei=5fpAYJGHO6LR8gOS0oWYDg&el=embedded&docid=5PviYspwkmI&ns=yt&fexp=23848212%2C23902200%2C23969934%2C23983296%2C23991329%2C23992808%2C23996624%2C24000882%2C24005870%2C24006795%2C24007246%2C24007901%2C24009445&cl=360252958&seq=3&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210301.1.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&cmt=0.627:0.000,1.377:0.740,10.000:9.363&vps=0.627:PL,10.000:PL&bwm=10.000:2598177:0.276&bwe=10.000:2276015&bat=10.000:1:1&bh=10.000:30.734

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:19 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 96D6 28 B
233 B 23ms
23ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
X-YouTube-Client-Version: 1.20210301.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgthc2ppeGhuLTV5MCjl9YOCBg%3D%3D
X-YouTube-Ad-Signals: dt=1614871269663&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1156%2C650&vis=1&wgl=true&ca_type=image&bid=ANyPxKqCGK0il5Regn_dA7Wim1BL08rTVyDl9TKP1_m0yYnhoQIkHuWi18fke2ED92chIKTanaP-wWmdLFF2_xQL-_4R3Eu5Ug

Response headers

date: Thu, 04 Mar 2021 15:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 04 Mar 2021 15:21:20 GMT

GET
H3-Q050 204 watchtime
www.youtube.com/api/stats/ Frame 96D6 0
21 B 17ms
17ms Image
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=ExvEcGWH2axwX6hU&docid=5PviYspwkmI&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5PviYspwkmI%3Fautoplay%3D1%26cc_load_policy%3D0%26controls%3D0%26disablekb%3D1%26fs%3D0%26playsinline%3D1%26modestbranding%3D1%26iv_load_policy%3D3%26rel%3D0%26showinfo%3D0%26host%3Dhttps%253A%252F%252Fwww.youtube.com%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fflatbellytonic.com%26widgetid%3D1&cmt=10.363&ei=5fpAYJGHO6LR8gOS0oWYDg&fmt=247&fs=0&rt=11.001&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fflatbellytonic.com%2F&lact=11035&cl=360252958&state=playing&vm=CAEQABgEKiA2aFpWaGJQdV81bDNjSXBMWnFxR3JSX2ZydkZCdDhPazoyQU9HdF9PSmJkNUlTS0ZHSzJmczVJUkJJWW1ab05ZUjdjT3RhMmtDZmUzcXE1ZGFjTlE&volume=0%2C0&cbrand=apple&cbr=Chrome&cbrver=83.0.4103.61&c=WEB_EMBEDDED_PLAYER&cver=1.20210301.1.0&cplayer=UNIPLAYER&cos=Macintosh&cosver=10_14_5&cplatform=DESKTOP&autoplay=1&splay=1&hl=en_US&cr=DE&len=3813.301&rtn=21&afmt=251&idpj=0&ldpj=-13&rti=11&muted=1%2C1&st=0.03%2C2.13&et=2.03%2C10.363

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/5PviYspwkmI?autoplay=1&cc_load_policy=0&controls=0&disablekb=1&fs=0&playsinline=1&modestbranding=1&iv_load_policy=3&rel=0&showinfo=0&host=https%3A%2F%2Fwww.youtube.com&enablejsapi=1&origin=https%3A%2F%2Fflatbellytonic.com&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 15:21:20 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r10---sn-4g5e6nzy.googlevideo.com/ Frame 96D6 2 MB
2 MB 7ms
6ms XHR
video/webm 2a00:1450:4001:c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r10---sn-4g5e6nzy.googlevideo.com/videoplayback?expire=1614892869&ei=5fpAYJGHO6LR8gOS0oWYDg&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AKwwVVkzN1DZ6uya1P2wJssZO3bQVpjaqMaLe1j8DiVf&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=ab&mm=31%2C29&mn=sn-4g5e6nzy%2Csn-4g5ednee&ms=au%2Crdu&mv=m&mvi=10&pl=41&initcwndbps=557500&vprv=1&mime=video%2Fwebm&ns=NtxBcNm_T0UraaXts-t4bwQF&gir=yes&clen=197194853&dur=3813.233&lmt=1614789906246025&mt=1614870796&fvip=6&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=LWfEEgy9ENP8tA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPQJ2iw2tmrewxQuQQCw-v---keMxdV8yPZ5PU4mDJLBAiBZ94lD8RQo0FwW2RdfBrwPFKb1yTA_SGYnOMPg65M_Gw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgUuxXnWstvBpV2VG7I7qd1gne2dd57-9kSGe8mwQFwhwCIQDhvWGxl_8FTXDiLUO3Fz_83hChKrjAEspT1Vxedp7qvw%3D%3D&alr=yes&cpn=ExvEcGWH2axwX6hU&cver=1.20210301.1.0&range=2799689-4896085&rn=10&rbuf=24234

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e71bdf4675414d652a8fa850e3b9d224d84d76b0c5ba95ce0edc33b04ef06f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 15:21:26 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2096397
Last-Modified: Wed, 03 Mar 2021 16:45:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21283
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 04 Mar 2021 15:21:26 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 20:53:43	Name: VISITOR_INFO1_LIVE Value: asjixhn-5y0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GsUwj9WXwEk
.flatbellytonic.com/	1970-01-19 18:44:07	Name: _fbp Value: fb.1.1614871270653.1146432278
.flatbellytonic.com/	1970-01-19 16:34:33	Name: __cf_bm Value: f501a94ba19aee5579d6bc7a97e262aa455cfd70-1614871270-1800-AfjrM42l4dABb1aZmmc6OgUWzGuZYYgamrjwq2LW7WUfqqh0x26TZ0XLCl8rChGum/wa8O3+LM5+ey97KWkuyuRqe4en8RIjKn1K5t7Erksv1/8dQiMokpzVV2+WL8QiFkJrJdNq5x4qkP2GxS4xjjo=
flatbellytonic.com/	1970-01-20 01:20:07	Name: affiliate Value: ngoc584
.flatbellytonic.com/	1970-01-20 10:05:43	Name: _ga_RVMCJD3EXZ Value: GS1.1.1614871269.1.0.1614871270.0
.flatbellytonic.com/	1970-01-19 17:17:43	Name: __cfduid Value: d83b241ba56114983ce24e3d91ef9a2e21614871268
.flatbellytonic.com/	1970-01-19 16:34:31	Name: _gat Value: 1
.flatbellytonic.com/	1970-01-20 01:21:33	Name: _vwo_uuid_v2 Value: D76A84F5E8102AE9E9634BF4FD1EAD3AB\|d72703e68f75a5591ac6ab1a4d321553
.flatbellytonic.com/	1970-01-20 10:05:43	Name: _ga Value: GA1.1.1778407814.1614871269
.flatbellytonic.com/	1970-01-19 16:35:57	Name: _gid Value: GA1.2.1733476324.1614871269
flatbellytonic.com/	1970-01-25 20:05:16	Name: user_id Value: wKhQAWBA+uQ2IwA3Ct5SAg==
flatbellytonic.com/	1970-01-19 16:44:36	Name: timer_98_ Value: 1
flatbellytonic.com/	1969-12-31 23:59:59	Name: flatbellytonic.com-cnid Value: 0
flatbellytonic.com/	1970-01-20 01:20:07	Name: cbst-142-pv Value: a\|2021-03-02T11:50:53.559Z

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 84) Message: State Change
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 85) Message: [object Object]
console-api	log	(Line 1) Message: COLTON - WL - Pixels
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 84) Message: State Change
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 85) Message: [object Object]
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 84) Message: State Change
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 85) Message: [object Object]
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1139379/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","id":"1139379","name":"view_content","tim":1614871270560}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 84) Message: State Change
console-api	log	URL: https://flatbellytonic.com/sp-vsl-1/js/youtube-sp-vsl-1-anw.js?v5(Line 85) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
ajax.googleapis.com
amplify.outbrain.com
analytics.tiktok.com
bit.ly
cbtb.clickbank.net
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
cx.atdmt.com
d.adroll.com
d.adroll.mgr.consensu.org
dev.visualwebsiteoptimizer.com
flatbellytonic.com
fonts.googleapis.com
fonts.gstatic.com
go.maxweb.com
googleads.g.doubleclick.net
hop.clickbank.net
maxcdn.bootstrapcdn.com
prod.cbstatic.net
r10---sn-4g5e6nzy.googlevideo.com
s.adroll.com
s.pinimg.com
seal-boise.bbb.org
static.doubleclick.net
tr.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
yt3.ggpht.com
104.126.36.56
104.19.132.78
143.204.90.126
169.61.196.20
18.203.10.130
184.30.20.121
184.30.21.80
184.30.24.193
199.232.137.44
2001:4de0:ac19::1:b:3a
2606:4700:20::ac43:4470
2606:4700::6810:135e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:c::a
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f006:2:face:b00c:0:8c
2a03:2880:f106:83:face:b00c:0:25de
2a04:4e42:9::84
2a0b:4d07:101::1
34.96.102.137
54.203.38.120
67.199.248.10
70.42.32.63
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
079d3cede42c73b6a910ce40e7d02d893b35602770759dc073a51712c6ac524d
08205f9529e54321dc1b90efa27f08c6a31106fab7bf50b957edbc7f9144c987
0a6f2bd7d8e608501c21972dc822a6532c065e39a49ee45cb74f36fdf09a5289
0c4bc236d33543fec45e85d7f98d345b128bbba1b3e43605cddc8ed5a017fbf3
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e3920f21c13b085ac78a155b4b9cb9dee63c770092c3b8efa09bd4e4f468e09
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11edaf6e0b3e4243862dc8ed252f230eb1309599777d061272c5da2d2f6898a6
12ccbac50c7c14648b202718d8fae2ddc10e11662d092abc66a5f4873574f92e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18d80c363c27a77f1a0c0e2266dd2e6f6cb169b40684e0fe6fde2513ab813d8b
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d52e13e6a7bc64bc2914fd9db16689f2eeba2e7ac7cfaa413b7bf598618201e
1d960062424eec119eaf55c137f7dad6e793ae42360e0b5ed9f7d23f00801865
1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15
1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282
2373b2b1a676587be85e0104457bd4bb3e13b7379257ac30f1a0607c2666e5a7
2435d41e8e002c111ce2f7f8e33ed0479a19f693bb81d6e340b14a304a90790f
2437e3296f4142fdd7e843c01dfcf729e204575ec698c22e2a6bfd778d79e9cb
2545a8e726304bbcce185eec7a251329f281cdf72dc4b453031e9ba12ae94d9b
2922363028e009e173582063a49272ec371ad4277fde8479479e39ae457489b5
29857480351f2651d2f0596c59f24fa57376641eb4848a77fc5e240f543de655
299c3c47bf78de077b41203100ab686efcd01cd47e76370c2532913384b93668
2d26e7233a0ff21035416f9d5549c1ee2364210f465f925c84df600760096b2d
2e6581740409cbb48a59ba88af56b50c6c875639fd0e7e3ec31586349b32f91c
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
2fb7599780471e8352d1be9de3310547427d5e0d7807aab7e22228601c9044c0
2ff287ab525a499583a7ce810d525ea53ba536e8e2809d9730746e7022249b35
3029cf341f3f37c2317581034dcc6da3e3392768d62c1f9210beb34c7203a4dd
32fd068cac2e898f8f171810fc3017571ec5968fdcdf2991f9b286c648c5ef65
33012d2e2fec4556df4c1dcfb6c6693006f8e5cebf881971ce33ea8c5480dfdc
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33d83fdbb899b122bf34d35a42efe335d87ceb106aabfe1c776f51a9529df537
34df2b334a5dba47a85eabeb720687075a6193052ad91362bff0c1ff254f4d5f
373d5fa259befbeb0ef4f0c30af3155cd581cd3ff851eab3f80ad043d7dc00dd
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37eb884e65edb300a90e34cdf96fad3b1a90a17a14339d28d1e145bf39efa0b7
38914cb03c8a45e9d2702e44b49090bb3c456ee689423adf61ce84bd5533cec2
38fea7ab7a1a0c88fc3ff0ff0a641806af392aafe9c2eeed90930ac4a10863ab
3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f
3c2704273f5ea424fb0d841624a1b30816e2dfe106c27655e1b80e311ad5d466
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3fe804fb1bc366dc3a7d96874b1bbed5b0bd26873e811a8b4c241df8fefdbefd
420d31548250b39e9e360cdf56a6fe9b8c3143c2c09d739c4e9ae60ee22319e1
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
498f34916f810adda1bd5086698b3fe39de04a03ca7daa9c44c19fe48f8c0244
4be458dd03e4695e9971cc1bd5971c418fa5921684a2654e1f855bf15cdf0bed
4f0096bdfd5ee9660448f45c4dbe4060d184c4e0bd353b01a8f27a8ae3180b09
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53d01bef7d50d0f0d9430748fae0c7a7d4082c60778a4945de398383f46ebfc9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b920447ce90ef70e8f569000b5a2fc2073d662d739052c5dc125c132770461
5a2c74a232690252c4e677963ccaa51c0c63071d91e7ceb7c805025b8ecc2d6e
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5aacbe59e92cf2bbb057f91f63582dc32bdca7d3c4c182be06c69b5f4d7e0cac
5b5d3834e54daf4eefa37a9d5b966909dfa4985b676e3d130822965e93e8288f
5b9e03ae382c2fe83636d02f6053f55f317f13df33e9d1d22efc910fe468582f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
643a054a3942e963b1334e9d0a6d2b8eec85ca4d5ed1095b234efcd758768b8b
67613184a21e15263d938ee503280890e41938bccae075dd38d7a6ca60342e14
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6961ab7c1faee1f3ece54704c4cfa41c06510ce47be64a3186d648c855a8e59b
6e2059459635f843fb2e3d663b6633b6be3fdb643955bbb0d595d94ac96467c4
6ecd3827268a45b53e458db928957d5fe6c7b525ab77e4cad411ba48709c2b93
712034ca2d12c48e5019b049b30704e41ee6da8fc2e7faff51856eaaca0a367e
741ed7ba0278dce75bc18dd192f961682c54ac552da800928ce4328475bc5f1f
7803894e43d20cf0c364b210197b4b645dc8f09ccba0e0e8cb0c2881fe061d16
7894756b505367d3bc19f9662a2f92a36cc5ce39fdb6e11918a4b17b550bed5a
80c6dcee2becf5cafba6983d1c490f621e5bc36cc1e3f222b0b6c3c478ca5a19
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
86f777b2cb8ef7e5beb4980452dca1a9f9850cdb561349e7e666a06ec449aa63
88f7376149b15c136de828f71e298a5a48985d56288f1a4a3f0b061ef9710fbb
93de6f14273d9d3347a0d8a161442a2d486d99120cd826ad8b643ed021514852
99ad68b8bad7cfac716ba8088c1217ef2830623f84e89c1557a83108c5f3d481
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ff89d95d11f91a8c74b5a07c351274b0ad489ee69662c0190ef36c0e2d74e89
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a1b41cf20ac90b4f07e88b3330785fedd4335060f125a0eca2fd02f7ec079a4f
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9
a334d56ab5c9cf9ff3eb8d8cb08a4d5a83decc31c8f591fe79d688a11673a20c
a3a3974b3e0ef84fbddc95de94cb961807d109ae890e7fc4a03a70b9d708319c
a6871718641228f4339facb0d008c75e71ad5a826d07be502236532a6aede5e5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0dd9e3efde56555ac3c295a58f4fd40c037096909ecc53ab376c66e89151989
b5b76150be881f5d445c96cce509ab47c8401f35081349917f946ab2cf4899aa
b84a5073d8659bcb0e99cd7426118c192427a9aa7c06b3189525bc52349d0c00
bada1f53ca8d4b6553ab2e07f8bc28a6f74e92dbc7730da30d8eda36fedd8502
bb7abbd92e352298ac030a95aea886865adcfa9efbeec5d77769f83ee290fd25
bcde1ca1d5db4a66dc07e87d8aa2fa818e0bd96bc587405e1df93cac2d54ebfa
be6d3d839e9687c6dd97195186f43cacc4601de9573afbd9213eb6eee0089dad
c383d637906b82debf30f05998d42274ce5d3cc64c7fa4b847ccb68915e5fd81
c47266d7e9eb776449a7ea4a61c9471ce175dc94b0c22110a59ca9285f3a13af
c72b6f5c0404d324ac2182a6e5a07117f4872649b374310472f8aaec0488439d
c7d09355d97b402e639d636c633900975ada1467b680a78363658ef3a9fbe3a2
caf6c81e772d99c7f6c5714d313e9080f8aba5f0632bcd2ffea02070275a71a1
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
cde2e5c8bf73b290cef56ece81d2ef89292517b75efa8bf50efebc9e1872a55b
d64ceaba33147830c61f1a8537b53ee857c5150a73e8227fd70c3d1448d8ed46
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd20f4627fcc9d2ce601e20aef14b568d4576cf69ed34ea3b4ccd0f5e185f55c
ddd0e3f85394a8441b8e9c807a4180032f39fd18f998b88b4d41f8b9aa91938f
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e307dd39268095540e7188c0c65ddb972bd69c301504cfa7ba0e7e64ce00c874
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5de574f13eacdb548cf2f62fd3ebabc3153f1b1ca15adcbcee53c1a6360f30e
e71bdf4675414d652a8fa850e3b9d224d84d76b0c5ba95ce0edc33b04ef06f6e
e9edfb8293fa28fd10e12a06e365de892363611aa1f48a1a96725b58fdf6d10b
ea9eb3da93a192f3e6f71dc1d5755ca395d4a4b7dfba27d89ccf380c95605e9c
edde1b9df2511ea03fe276ff88a6cc4805667702abc5472c94b896653b0f0ce3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f63038e82411f7d41b24013c079d99e88de35bf930d6ba9ceac87dfeb8c67ad1
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
fcb4d4016032e87427fb77f5fb9907ea8ea6b997eb65567f3c8076597494b03f
fd08659fe0f20fd14dcf4c3c5acdde64de96028174f59b0b3dc776b62be789b9

flatbellytonic.com Open in urlscan Pro 2606:4700:20::ac43:4470 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

191 Requests

100 %HTTPS

63 %IPv6

29 Domains

34 Subdomains

34 IPs

5 Countries

8739 kBTransfer

15012 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flatbellytonic.com Open in urlscan Pro
2606:4700:20::ac43:4470 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

100 %
HTTPS

63 %
IPv6

29
Domains

34
Subdomains

34
IPs

5
Countries

8739 kB
Transfer

15012 kB
Size

15
Cookies

191 HTTP transactions
1 data transactions