henrymeds.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://henrymeds.com/
Submission: On February 19 via manual (February 19th 2023, 5:01:12 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 80 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is henrymeds.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time henrymeds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
8	13.32.2.79 13.32.2.79	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:1122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.211.83.101 34.211.83.101	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
80	19

27 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

henrymeds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.emoryday-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.2.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-79.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1122 (United States)

ASN13335 (CLOUDFLARENET, US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.83.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-83-101.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	henrymeds.com henrymeds.com	3 MB
8	google.com www.google.com — Cisco Umbrella Rank: 2 google.com — Cisco Umbrella Rank: 1	962 B
8	segment.com cdn.segment.com — Cisco Umbrella Rank: 1377	63 KB
6	gstatic.com fonts.gstatic.com	95 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6232	735 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 644 trc-events.taboola.com — Cisco Umbrella Rank: 1739	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	157 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 368	12 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2413 tr.outbrain.com — Cisco Umbrella Rank: 2326	7 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	255 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2506	297 B
2	legitscript.com static.legitscript.com — Cisco Umbrella Rank: 31269	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	144 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 997	172 B
1	emoryday-analytics.com cdn.emoryday-analytics.com — Cisco Umbrella Rank: 689098
80	16

	Domain	Requested by
27	henrymeds.com	henrymeds.com
8	cdn.segment.com	henrymeds.com cdn.segment.com
6	fonts.gstatic.com	henrymeds.com
4	google.com	www.googletagmanager.com
4	www.google.de	henrymeds.com
4	www.google.com	henrymeds.com
4	googleads.g.doubleclick.net	www.googletagmanager.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
3	bat.bing.com	cdn.segment.com bat.bing.com henrymeds.com
2	trc-events.taboola.com	cdn.taboola.com
2	www.facebook.com	henrymeds.com
2	tr.outbrain.com	amplify.outbrain.com henrymeds.com
2	region1.google-analytics.com	www.googletagmanager.com
2	static.legitscript.com	henrymeds.com
2	www.googletagmanager.com	henrymeds.com cdn.segment.com
1	api.segment.io	cdn.segment.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	henrymeds.com
1	amplify.outbrain.com	henrymeds.com
1	cdn.emoryday-analytics.com	henrymeds.com
80	20

This site contains links to these domains. Also see Links.

Domain
docs.google.com
bit.ly
careers.henrymeds.com
legitscript.com

Subject Issuer	Validity	Valid
henrymeds.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
cdn.emoryday-analytics.com Starfield Secure Certificate Authority - G2	`2022-04-17` - `2023-04-15`	a year	crt.sh
*.segment.com Amazon	`2022-12-13` - `2024-01-12`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://henrymeds.com/
Frame ID: 668018AC33B89B2797BBA40C372DE71B
Requests: 79 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4360FF981A0B9AAD429C00A4D6B7A55B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Henry Meds™ - Affordable Care for Everyone

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

3287 kB
Transfer

5547 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLSfjDD_NfJIuDIMhH9aHKflPPLnJdUO5wbUHRRH-UwztsQXoVg/viewform?usp=sf_link
Title: Cancellation

Search URL Search Domain Scan URL

URL: https://bit.ly/henryonboard
Title: Start Your Free Self-Assessment

Search URL Search Domain Scan URL

URL: http://careers.henrymeds.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://legitscript.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
henrymeds.com/ 1 MB
123 KB 374ms
264ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 3fa678a912ebeef65aed9e6bd374218af02bde1b014734cef909882fa433b308

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79c08ff51cd03660-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 19 Feb 2023 17:01:04 GMT
link: <https://henrymeds.com/wp-json/>; rel="https://api.w.org/" <https://henrymeds.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://henrymeds.com/>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 1
x-cache-group: normal
x-cacheable: SHORT
x-pingback: https://henrymeds.com/xmlrpc.php
x-powered-by: WP Engine

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 151ms
56ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XRW5WG9JGS

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

348f85f96602ad95e14de267a54ebb8eb30e235db2471b279384b15693efca42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Feb 2023 17:01:04 GMT

GET
H2 200 style.min.css
henrymeds.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 267ms
264ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:53 GMT
server: cloudflare
etag: W/"63effa41-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff708903660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
henrymeds.com/wp-includes/css/ 217 B
227 B 294ms
291ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:53 GMT
server: cloudflare
etag: W/"63effa41-d9"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff708923660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 emoryday-public.css
henrymeds.com/wp-content/plugins/wordpress-plugin-main/public/css/ 98 B
154 B 309ms
306ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/plugins/wordpress-plugin-main/public/css/emoryday-public.css?ver=1.0.5
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:59 GMT
server: cloudflare
etag: W/"63effa47-62"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff708973660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wpsm-style.css
henrymeds.com/wp-content/plugins/wp-show-more/ 407 B
218 B 90ms
87ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/plugins/wp-show-more/wpsm-style.css?ver=6.1.1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a01c74e416d55d22922317d3aad135253a47e1042c1441d3867ddf3f13b0c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
age: 58068
etag: W/"63effa46-197"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff708993660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
henrymeds.com/wp-content/themes/Avada/assets/css/ 81 KB
15 KB 73ms
71ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.5
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e231a94b4ca4df6170ef81b5fed34e3bf6fbb32d1a94d4c441029c63e373b81c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
age: 45589
etag: W/"63effa46-14260"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff7089b3660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
henrymeds.com/wp-includes/js/jquery/ 88 KB
31 KB 262ms
260ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:53 GMT
server: cloudflare
etag: W/"63effa41-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff7089d3660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
henrymeds.com/wp-includes/js/jquery/ 11 KB
4 KB 71ms
69ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:52 GMT
server: cloudflare
age: 58067
etag: W/"63effa40-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff7089e3660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 emoryday-public.js Show response
henrymeds.com/wp-content/plugins/wordpress-plugin-main/public/js/ 838 B
545 B 72ms
70ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/plugins/wordpress-plugin-main/public/js/emoryday-public.js?ver=1.0.5
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:59 GMT
server: cloudflare
age: 58066
etag: W/"63effa47-346"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff708a13660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 403 /
cdn.emoryday-analytics.com/ 0
0 767ms
411ms Script
application/xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.emoryday-analytics.com/
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 awb-icons.woff
henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 19 KB
19 KB 66ms
64ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efd842e976610278c76b11ffcfecc869e13763685cbda1febb8437e49f868c9

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
age: 58065
etag: "63effa46-4a98"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff708a33660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19096

GET
H2 200 fa-brands-400.woff2
henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 75 KB
75 KB 276ms
274ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
etag: "63effa46-12bc0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff708a43660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736

GET
H2 200 fa-regular-400.woff2
henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
13 KB 665ms
663ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
etag: "63effa46-33d0"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff749313660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13264

GET
H2 200 fa-solid-900.woff2
henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
77 KB 101ms
100ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
age: 58061
etag: "63effa46-13184"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff749323660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78212

GET
H2 200 fitness.ttf
henrymeds.com/wp-content/uploads/fusion-icons/fitness-icon-set/fonts/ 10 KB
10 KB 304ms
303ms Font
application/octet-stream 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/uploads/fusion-icons/fitness-icon-set/fonts/fitness.ttf?9jppkm
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b049cdf6b20f54c41f5f12889126c15b4ec2241dc080e9a7e2e780f901a271b2

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:55 GMT
server: cloudflare
etag: "63effa43-2808"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff749353660-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10248

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/ 103 KB
28 KB 808ms
655ms Script
text/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5bc8b150904382ca0e8cab855eb7a57b66732352b4be945317eb80add2510ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 4wYYS7WNHkauK5.RJl3E17Bk6iV.YisB
content-encoding: br
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
date: Sun, 19 Feb 2023 17:01:06 GMT
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 25 Jan 2023 10:56:13 GMT
server: AmazonS3
etag: W/"7f02318e921ab1084ad192f60ae677bb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: C5u9Bcb6X9qj8yqjfHAW1pZMEasKna8-WlEHw2KaQytgz0kJaAzG5A==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 17 KB
6 KB 167ms
73ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3c4aacb974ed3d0a3d1f57bebc8d97897ce027b0751a5f0da9ee697a825c2f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 17:01:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 09:48:30 GMT
Server: AkamaiNetStorage
ETag: "b07048fb19f7c325242e254218118e14:1675339769.124179"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5911
Expires: Sun, 19 Feb 2023 17:21:04 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1502116/ 58 KB
18 KB 350ms
248ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1502116/tfa.js
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a0432938790a56798d29001ae39bd799562d5360175f0885ff0c380fb6f01a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: hSz5RlWPJbgNgaVt1M40AvRtzReG5c4l
content-encoding: gzip
via: 1.1 varnish
date: Sun, 19 Feb 2023 17:01:05 GMT
x-amz-request-id: SMTS3SJ17PK89Y7P
age: 0
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 18384
x-amz-id-2: qcRzbRHKwj+aHAZlnnLxJJ3jS3Xcfcw/KcA5ZQ7l3ADiTzohqf5LzjSFs9n9kgnXhVmepiXhpSs=
x-served-by: cache-hhn-etou8220072-HHN
last-modified: Sun, 19 Feb 2023 11:07:03 GMT
server: AmazonS3
x-timer: S1676826065.925004,VS0,VE207
etag: "52d313da1929a5f04d63d9c1ec27453e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 wp-emoji-release.min.js Show response
henrymeds.com/wp-includes/js/ 18 KB
5 KB 57ms
55ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:52 GMT
server: cloudflare
age: 47333
etag: W/"63effa40-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff92a0f363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Henry-Logo-Black-200x112.png
henrymeds.com/wp-content/uploads/2022/02/ 4 KB
4 KB 63ms
61ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/02/Henry-Logo-Black-200x112.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e56d6a8d695ebe57af20e05b04a2bc49a5515b1ae445d0c073998a7765707ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: HIT
age: 58046
cf-polished: origFmt=png, origSize=4820
content-disposition: inline; filename="Henry-Logo-Black-200x112.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3632
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Feb 2023 22:05:57 GMT
server: cloudflare
etag: "63effa45-12d4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a10363f-FRA

GET
H3 200 Step-1-Graphic-v2.png
henrymeds.com/wp-content/uploads/2022/03/ 35 KB
36 KB 296ms
293ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/03/Step-1-Graphic-v2.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac41a0da291741c42e01ef3c4a4ffb529ec13a8bdcff59cfd77cbff5c941d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:57 GMT
server: cloudflare
etag: "63effa45-8d79"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a11363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36217

GET
H3 200 Step-2-Graphic.png
henrymeds.com/wp-content/uploads/2022/03/ 99 KB
99 KB 338ms
335ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/03/Step-2-Graphic.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d537aae744f3a3835af9b1c2ccfb451e55edc65f4826ee27c4dc08a03673e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:57 GMT
server: cloudflare
etag: "63effa45-18abb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a13363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101051

GET
H3 200 Box-Henry-400x373.png
henrymeds.com/wp-content/uploads/2022/03/ 33 KB
33 KB 338ms
336ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/03/Box-Henry-400x373.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7c4bc195417842bbe5c32c804b550b0a44e257d2f0706b3c1b30996c077f75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:57 GMT
server: cloudflare
etag: "63effa45-83ea"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a14363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33770

GET
H3 200 Henry-Logo-Black.png
henrymeds.com/wp-content/uploads/2022/02/ 6 KB
7 KB 97ms
95ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/02/Henry-Logo-Black.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04e5ef5dcbcfbef219b3886c7bb7849ec4ae2707e2f90883b8fe064958d544c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: HIT
age: 47334
cf-polished: origFmt=png, origSize=12250
content-disposition: inline; filename="Henry-Logo-Black.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6444
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Feb 2023 22:05:57 GMT
server: cloudflare
etag: "63effa45-2fda"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a18363f-FRA

GET
H3 200 email-decode.min.js Show response
henrymeds.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 42ms
42ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://henrymeds.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Feb 2023 14:31:01 GMT
server: cloudflare
etag: W/"63ececa5-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 79c08ff8e9a1363f-FRA
expires: Tue, 21 Feb 2023 17:01:04 GMT

GET
H2 200 13220361.js Show response
static.legitscript.com/seals/ 315 B
401 B 771ms
676ms Script
application/javascript 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.legitscript.com/seals/13220361.js
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceb0c31dc9a0014885c9e383885b66b05683f6a042bdec53f19a6d2ae74130d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 19 Feb 2023 16:02:49 GMT
server: cloudflare
etag: W/"63f24829-13b"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 79c08ff9bef337e9-FRA

GET
H3 200 HIPAA-Compliant-200x111.png
henrymeds.com/wp-content/uploads/2022/04/ 5 KB
5 KB 57ms
55ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/04/HIPAA-Compliant-200x111.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c7802969ec92bff011d57392fccd9d76a65917371ddf9093dbd37766dfe080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: HIT
age: 47333
cf-polished: origFmt=png, origSize=8820
content-disposition: inline; filename="HIPAA-Compliant-200x111.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4886
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Feb 2023 22:05:56 GMT
server: cloudflare
etag: "63effa44-2274"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a19363f-FRA

GET
H3 200 HIPAA-Compliant-400x223.png
henrymeds.com/wp-content/uploads/2022/04/ 21 KB
21 KB 254ms
252ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/04/HIPAA-Compliant-400x223.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d299859ec0031818bd60aaa07715c1822f53eec88fd46506dc310d7f33320e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:57 GMT
server: cloudflare
etag: "63effa45-53c0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff92a1a363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21440

GET
H3 200 wpsm-script.js Show response
henrymeds.com/wp-content/plugins/wp-show-more/ 531 B
381 B 54ms
51ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/plugins/wp-show-more/wpsm-script.js?ver=1.0.1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ed98a3b2e3e5f1d3c8f5feb13211b469f30dd6aba8274652a10aeea3c44c7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
age: 58040
etag: W/"63effa46-213"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff92a0d363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 81203d11f439b8b6818bd3229356e7b6.min.js Show response
henrymeds.com/wp-content/uploads/fusion-scripts/ 280 KB
78 KB 279ms
275ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://henrymeds.com/wp-content/uploads/fusion-scripts/81203d11f439b8b6818bd3229356e7b6.min.js?ver=3.4.1
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b6086ef77574f7b861f739530b882462303b7aec5bc97ef151433da4f262a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:17:14 GMT
server: cloudflare
etag: W/"63effcea-46188"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79c08ff92a0e363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 149ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XRW5WG9JGS&gtm=45je32f0&_p=1182430193&cid=1939519405.1676826065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676826064&sct=1&seg=0&dl=https%3A%2F%2Fhenrymeds.com%2F&dt=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XRW5WG9JGS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://henrymeds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Henry-Web-Banner.png
henrymeds.com/wp-content/uploads/2022/02/ 1 MB
1 MB 75ms
74ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/02/Henry-Web-Banner.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adfe033525e137719a4a1d2188f5111512e663a592212c0ed00ddcc6960de01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:04 GMT
cf-cache-status: HIT
age: 58039
cf-polished: origFmt=png, origSize=2415038
content-disposition: inline; filename="Henry-Web-Banner.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1485258
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
etag: "63effa46-24d9be"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff94a46363f-FRA

GET
H3 200 Woman-Background-Flipped.png
henrymeds.com/wp-content/uploads/2022/02/ 645 KB
646 KB 787ms
787ms Image
image/png 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://henrymeds.com/wp-content/uploads/2022/02/Woman-Background-Flipped.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd0bb1ea87e96b76954f7b0ee1dbcf8415e2fe3f6507ce6d26f41e5aa1b57da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:05 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Feb 2023 22:05:58 GMT
server: cloudflare
etag: "63effa46-a1588"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 79c08ff94a49363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 660872

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 133ms
41ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:48:59 GMT
x-content-type-options: nosniff
age: 346325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:48:59 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 198ms
107ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:24:48 GMT
x-content-type-options: nosniff
age: 200176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 09:24:48 GMT

GET
H2 200 NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v21/ 26 KB
27 KB 169ms
78ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:34:14 GMT
x-content-type-options: nosniff
age: 347210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27116
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:34:14 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 192ms
101ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:29:50 GMT
x-content-type-options: nosniff
age: 315074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 01:29:50 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 142ms
52ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 510622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 19:10:42 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 136ms
46ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://henrymeds.com/
Origin: https://henrymeds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:32:10 GMT
x-content-type-options: nosniff
age: 412134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 22:32:10 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 511ms
119ms Script
application/javascript 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=undefined
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 17:01:05 GMT
X-TraceId: 524ab4cee84e17abb6ee3d5961bfecb4
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 525ms
124ms Image
image/gif 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b38494fb1d30a170a4e47b68e5b7d15c&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fhenrymeds.com%2F&g=0&optOut=false&bust=03150517058538731&referrer=
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 17:01:05 GMT
Cache-Control: no-cache
X-TraceId: 4f95342fe7b5df4a5c26a49485bad151
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 json Show response
trc.taboola.com/1502116/trc/3/ 2 KB
2 KB 108ms
64ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1502116/trc/3/json?tim=1676826065202&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676826065196%2C%22cv%22%3A%2220230219-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhenrymeds.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-nathanielhenrymedscom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676826065201%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fhenrymeds.com%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1502116/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 049561b93f04d2cf697ea66786d2375523fc8e710c46c07c834eca003451e06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Sun, 19 Feb 2023 17:01:05 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220072-HHN
server: nginx
x-timer: S1676826065.267976,VS0,VE22
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 13220361.png
static.legitscript.com/seals/ 15 KB
15 KB 819ms
818ms Image
image/png 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/13220361.png
Requested by: Host: henrymeds.com
URL: https://henrymeds.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaaebc87c4910995d5e87f5d9c9335376ca305201af396b593efb1611cf5c6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:06 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Feb 2023 16:02:49 GMT
server: cloudflare
etag: "63f24829-3a7f"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 79c08ffdffda37e9-FRA
content-length: 14975

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/ 2 KB
1 KB 155ms
63ms Fetch
application/json 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd50c38cd69030fcdc55d1f106080fe74ec205efa5f0aefb813ca4298795f36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: QrL4UFpByzwAinwgkdMmD41M4woGRT0W
content-encoding: br
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
date: Sun, 19 Feb 2023 16:40:22 GMT
x-amz-cf-pop: VIE50-C2
age: 1244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 09 Feb 2023 16:31:39 GMT
server: AmazonS3
etag: W/"cd39edd89c673f3029425798ea0521f3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: sxxCyfKGLnuc2faVMSYYF4sie8Xhd17uHE9QJaPdGM1MCHfZFPeuig==

GET
H2 200 ajs-destination.bundle.2cd9e450202b69d545a3.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 69ms
68ms Script
application/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27cf59f2f5b8446bbf81f4ed9bbea4fcbbece316e3655ade51da075cdc9962d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:13:11 GMT
x-amz-version-id: jZ2L92raJDMf08tukXqdJ6aGBdPFzdTy
content-encoding: br
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2040475
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 20:14:52 GMT
server: AmazonS3
etag: W/"cc39e85781964199cd0d9501c897e385"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: TyKB1lMACKELPwDdKxiHDW94QIi1lAfiM8mbQNzuQHGcSM0ueOdBSw==

GET
H2 200 schemaFilter.bundle.d0fc84c62e956d168cce.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 46ms
46ms Script
application/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 02:25:35 GMT
x-amz-version-id: VLQuST3Rg1zoSyN.SWag4b2R93Pv7oyc
content-encoding: br
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 2990131
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 00:06:36 GMT
server: AmazonS3
etag: W/"d6985af1d6ad9e8c2f97f24f7b27306e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: kMQg3FnwfFI7ziMFp3-1aZG7N1CU25fny-aA03uH-ahc1eRXbdc0iw==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 4 KB
2 KB 70ms
69ms Script
application/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 20:27:17 GMT
content-encoding: gzip
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-version-id: MGbFsDaH2QIRLGKAtnCTPTAQb4OBl8sP
x-amz-cf-pop: VIE50-C2
age: 938030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1656
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "76e6caac3528e83f1b3e2a920d4ec781"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: boAaCT84dFbeMvwOYD_9p5iZnsK1BE8r7dLD4lMKtChzS2HXpennjg==

GET
H2 200 bing-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/ 2 KB
2 KB 71ms
70ms Script
application/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/bing-ads.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcc5947420bac95a9ee88dc4782ae6101a53a397e25b582b468979318eb71171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 00:55:50 GMT
content-encoding: gzip
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-version-id: BLkeUqceNeVRAln22GbNzsc08o9IUcLM
x-amz-cf-pop: VIE50-C2
age: 2909117
x-cache: Hit from cloudfront
content-length: 1135
last-modified: Tue, 10 Jan 2023 21:20:19 GMT
server: AmazonS3
etag: "9268c923e39afefe912025bc37ceb2f5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: iARve5jv9AOmPY5pry-zyt2DVX0jg1k2fJi7CqDIsqSTKVEr8N7pXA==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 80ms
79ms Script
application/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:47:54 GMT
content-encoding: gzip
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-version-id: iz4JBR0QcsnKSu8kdsV5HpqfU322YrO8
x-amz-cf-pop: VIE50-C2
age: 371593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3273
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "4b03a476015c2ba9b9e74e895b97c12c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: X46IjXEjstLjciTFdmYyqpZeOmhqsD6CufwPM6rMWp2zdmoFp9h8qw==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 56ms
55ms Script
application/javascript 13.32.2.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 02:47:31 GMT
content-encoding: gzip
via: 1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
x-amz-version-id: lJtmCXSyB5Fd94udMEaQ3Fg4j3ghWk62
x-amz-cf-pop: VIE50-C2
age: 51216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 08 Feb 2023 17:50:04 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: S33CqAInG_g6o11YZdBd18CFkvLHTBD29I32FyBXyrgCbHaKZ7-mYw==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 177ms
69ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 19 Feb 2023 17:01:05 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66A6AAA8CAF94AFB8BE297057706161A Ref B: FRA31EDGE0706 Ref C: 2023-02-19T17:01:06Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658999281

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fcd6611f42c3dc7f39554c35e6df54505f46feee677463875574d70f44ef001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 17:01:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69355
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Feb 2023 17:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 126ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 17:01:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +Agnof47S0CAsKB9tpw41YNMeqY7gXqcJk2LFExbz+QhcL8R9UVZFRKefJxjhuRJRWwNeMfZiGbiov3YirYIcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
172 B 653ms
212ms Fetch
application/json 34.211.83.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Fe7dDQ78OAd2kfvtMGV5VJIIptwZ9GC8/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.83.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-83-101.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://henrymeds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://henrymeds.com
date: Sun, 19 Feb 2023 17:01:06 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658999281/ 2 KB
1 KB 178ms
87ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658999281/?random=1676826066239&cv=11&fst=1676826066239&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&auid=269680167.1676826066&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8094f87f639e696d2572ff198a16c21db589cb38a5b5da0d3258174d72a72b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11073461096/ 2 KB
1 KB 174ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11073461096/?random=1676826066253&cv=11&fst=1676826066253&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&auid=269680167.1676826066&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727ed5ee5c803ab7797345186b758e5a5eba436a7c81afd2c9d44db99e9715d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 17:01:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ksJSpIltm7ZShPGGd8yTU84HQpO8l+m9utUihRf6QCPSAcEVS9dQmqiWMNy6Lq8C5GcrFBp6D9bqNDpUgIwopA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1219983158588506 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 118ms
118ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1219983158588506?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ef212f50396bdf8fb5522feaeb3162eb5d3d924a9bc445cf4832b91c03490bd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Feb 2023 17:01:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Co5JngXZym392EiJ/vZcapwEWgBAwyLD3kWilGhreC2hcC8lOxq1FVkDw7rq4vyaoo2VahRsjoyXuVNyhH7hag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 149017704.js Show response
bat.bing.com/p/action/ 0
118 B 416ms
416ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149017704.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 19 Feb 2023 17:01:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 85F21B73BA9A4E7C842CA9A9B9A98AB9 Ref B: FRA31EDGE0706 Ref C: 2023-02-19T17:01:06Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 66ms
65ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149017704&Ver=2&mid=94501e2b-5b7e-4820-812a-2bb57f56e2c2&sid=ffd771f0b07611ed8c0d8f2c8ae77a48&vid=ffd79800b07611ed82603946108ea2f0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&p=https%3A%2F%2Fhenrymeds.com%2F&r=&lt=1586&evt=pageLoad&sv=1&rn=323906

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Feb 2023 17:01:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8AFC23C4F16C410796E2DFCD05D4DE20 Ref B: FRA31EDGE0706 Ref C: 2023-02-19T17:01:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/658999281/ 42 B
108 B 155ms
54ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658999281/?random=1676826066239&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1145710296&rmt_tld=0&ipr=y

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/658999281/ 42 B
108 B 150ms
51ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658999281/?random=1676826066239&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1145710296&rmt_tld=1&ipr=y

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11073461096/ 42 B
455 B 153ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11073461096/?random=1676826066253&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=451225837&rmt_tld=0&ipr=y

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11073461096/ 42 B
455 B 149ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11073461096/?random=1676826066253&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=451225837&rmt_tld=1&ipr=y

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 140ms
42ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1219983158588506&ev=PageView&dl=https%3A%2F%2Fhenrymeds.com%2F&rl=&if=false&ts=1676826066541&sw=1600&sh=1200&v=2.9.96&r=stable&a=seg&ec=0&o=30&cs_est=true&fbp=fb.1.1676826066540.164097822&it=1676826066304&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-6c5f9f7d03b8a04445c13b3101db0138&rqm=GET

Requested by

Host: henrymeds.com
URL: https://henrymeds.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Feb 2023 17:01:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1502116/log/3/ 0
245 B 537ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1502116/log/3/unip?en=pre_d_eng_tb&tos=1559&scd=0&ssd=1&est=1676826065199&ver=36&isls=true&src=i&invt=1500&msa=1835&rv=1&tim=1676826066758&vi=1676826065196&ri=119285950ec9b4615580f34caea176d0&ref=null&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fhenrymeds.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1502116/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://henrymeds.com
pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658999281/ 2 KB
1 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658999281/?random=1676826067068&cv=11&fst=1676826067068&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&auid=269680167.1676826066&uamb=0&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c08c1e5d9af6f0cfb886879dadbf54107ea024f478d2de37749f329b6db66efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 900
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658999281/ 2 KB
1 KB 183ms
183ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658999281/?random=1676826067077&cv=11&fst=1676826067077&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&auid=269680167.1676826066&uamb=0&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c101c006897ea68d8707ad1c486ca70d36c6b833f01e2e9b8bf1cb3e2e8879c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 902
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 658999281
google.com/pagead/form-data/ 0
0 141ms
47ms Ping
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/658999281?gtm=45be32f0&hn=www.googleadservices.com&auid=269680167.1676826066&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H2 204 658999281
google.com/ccm/form-data/ 0
173 B 152ms
59ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/658999281?gtm=45be32f0&hn=www.googleadservices.com&auid=269680167.1676826066&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://henrymeds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 658999281
google.com/pagead/form-data/ 0
0 142ms
49ms Ping
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/658999281?gtm=45be32f0&hn=www.googleadservices.com&auid=269680167.1676826066&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H2 204 658999281
google.com/ccm/form-data/ 0
54 B 252ms
160ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/658999281?gtm=45be32f0&hn=www.googleadservices.com&auid=269680167.1676826066&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658999281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://henrymeds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 4360 0
70 B 41ms
40ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://henrymeds.com
Referer: https://henrymeds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://henrymeds.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 17:01:07 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 /
www.google.com/pagead/1p-user-list/658999281/ 42 B
108 B 56ms
52ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658999281/?random=1676826067068&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dform_start&fmt=3&is_vtc=1&random=2011544&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/658999281/ 42 B
108 B 56ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658999281/?random=1676826067068&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dform_start&fmt=3&is_vtc=1&random=2011544&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/658999281/ 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658999281/?random=1676826067077&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dform_submit&fmt=3&is_vtc=1&random=1701230353&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/658999281/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658999281/?random=1676826067077&cv=11&fst=1676826000000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhenrymeds.com%2F&tiba=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&data=event%3Dform_submit&fmt=3&is_vtc=1&random=1701230353&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XRW5WG9JGS&gtm=45je32f0&_p=1182430193&cid=1939519405.1676826065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676826064&sct=1&seg=0&dl=https%3A%2F%2Fhenrymeds.com%2F&dt=Henry%20Meds%E2%84%A2%20-%20Affordable%20Care%20for%20Everyone&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XRW5WG9JGS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 17:01:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://henrymeds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1502116/log/3/ 0
244 B 43ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1502116/log/3/unip?en=pre_d_eng_tb&tos=4560&scd=0&ssd=1&est=1676826065199&ver=36&isls=true&src=i&invt=3000&msa=1835&rv=1&tim=1676826069760&vi=1676826065196&ri=119285950ec9b4615580f34caea176d0&ref=null&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fhenrymeds.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1502116/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://henrymeds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://henrymeds.com
pragma: no-cache
date: Sun, 19 Feb 2023 17:01:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.henrymeds.com/	1970-01-20 19:23:06	Name: _ga Value: GA1.1.1939519405.1676826065
.henrymeds.com/	1970-01-20 19:23:06	Name: _ga_XRW5WG9JGS Value: GS1.1.1676826064.1.0.1676826064.0.0.0
henrymeds.com/	1970-01-20 09:47:06	Name: outbrain_cid_fetch Value: true
.henrymeds.com/	1970-01-20 18:32:42	Name: ajs_anonymous_id Value: 7f135923-1d21-4528-a035-fc28ef3a07f4
.henrymeds.com/	1970-01-20 11:56:42	Name: _gcl_au Value: 1.1.269680167.1676826066
.henrymeds.com/	1970-01-20 09:48:32	Name: _uetsid Value: ffd771f0b07611ed8c0d8f2c8ae77a48
.henrymeds.com/	1970-01-20 19:08:42	Name: _uetvid Value: ffd79800b07611ed82603946108ea2f0
.bing.com/	1970-01-20 19:08:42	Name: MUID Value: 02A0935224BE6E2B02AE81EF25126FA6
.henrymeds.com/	1970-01-20 11:56:42	Name: _fbp Value: fb.1.1676826066540.164097822
.doubleclick.net/	1970-01-20 19:08:42	Name: IDE Value: AHWqTUk-pgXG-ZWQfP_ppguU0QTXZljYTUsUzphuZC6Z5YnR0TITV2ia8JufdFM2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.emoryday-analytics.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
api.segment.io
bat.bing.com
cdn.emoryday-analytics.com
cdn.segment.com
cdn.taboola.com
connect.facebook.net
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
henrymeds.com
region1.google-analytics.com
static.legitscript.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.2.79
141.193.213.21
141.226.228.48
151.101.65.44
2001:4860:4802:32::36
205.185.216.10
23.35.237.86
2606:4700::6812:1122
2620:1ec:c11::200
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.211.83.101
70.42.32.95
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
049561b93f04d2cf697ea66786d2375523fc8e710c46c07c834eca003451e06d
07ed98a3b2e3e5f1d3c8f5feb13211b469f30dd6aba8274652a10aeea3c44c7f
0ac41a0da291741c42e01ef3c4a4ffb529ec13a8bdcff59cfd77cbff5c941d9a
0adfe033525e137719a4a1d2188f5111512e663a592212c0ed00ddcc6960de01
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27cf59f2f5b8446bbf81f4ed9bbea4fcbbece316e3655ade51da075cdc9962d4
348f85f96602ad95e14de267a54ebb8eb30e235db2471b279384b15693efca42
3c4aacb974ed3d0a3d1f57bebc8d97897ce027b0751a5f0da9ee697a825c2f1a
3fa678a912ebeef65aed9e6bd374218af02bde1b014734cef909882fa433b308
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a0432938790a56798d29001ae39bd799562d5360175f0885ff0c380fb6f01a7
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ef212f50396bdf8fb5522feaeb3162eb5d3d924a9bc445cf4832b91c03490bd
5efd842e976610278c76b11ffcfecc869e13763685cbda1febb8437e49f868c9
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a
70a01c74e416d55d22922317d3aad135253a47e1042c1441d3867ddf3f13b0c0
727ed5ee5c803ab7797345186b758e5a5eba436a7c81afd2c9d44db99e9715d6
7b6086ef77574f7b861f739530b882462303b7aec5bc97ef151433da4f262a67
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8094f87f639e696d2572ff198a16c21db589cb38a5b5da0d3258174d72a72b94
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
8e56d6a8d695ebe57af20e05b04a2bc49a5515b1ae445d0c073998a7765707ab
8fcd6611f42c3dc7f39554c35e6df54505f46feee677463875574d70f44ef001
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612
aaaebc87c4910995d5e87f5d9c9335376ca305201af396b593efb1611cf5c6bf
af7c4bc195417842bbe5c32c804b550b0a44e257d2f0706b3c1b30996c077f75
b049cdf6b20f54c41f5f12889126c15b4ec2241dc080e9a7e2e780f901a271b2
b04e5ef5dcbcfbef219b3886c7bb7849ec4ae2707e2f90883b8fe064958d544c
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed
b5bc8b150904382ca0e8cab855eb7a57b66732352b4be945317eb80add2510ff
c08c1e5d9af6f0cfb886879dadbf54107ea024f478d2de37749f329b6db66efc
c101c006897ea68d8707ad1c486ca70d36c6b833f01e2e9b8bf1cb3e2e8879c6
c2d537aae744f3a3835af9b1c2ccfb451e55edc65f4826ee27c4dc08a03673e1
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c6c7802969ec92bff011d57392fccd9d76a65917371ddf9093dbd37766dfe080
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd50c38cd69030fcdc55d1f106080fe74ec205efa5f0aefb813ca4298795f36f
ceb0c31dc9a0014885c9e383885b66b05683f6a042bdec53f19a6d2ae74130d7
d299859ec0031818bd60aaa07715c1822f53eec88fd46506dc310d7f33320e41
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
e231a94b4ca4df6170ef81b5fed34e3bf6fbb32d1a94d4c441029c63e373b81c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fcc5947420bac95a9ee88dc4782ae6101a53a397e25b582b468979318eb71171
ffd0bb1ea87e96b76954f7b0ee1dbcf8415e2fe3f6507ce6d26f41e5aa1b57da

henrymeds.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

58 %IPv6

16 Domains

20 Subdomains

19 IPs

3 Countries

3287 kBTransfer

5547 kBSize

10 Cookies

4 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

henrymeds.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

3287 kB
Transfer

5547 kB
Size

10
Cookies

80 HTTP transactions
0 data transactions