excues.top Open in urlscan Pro
2606:4700:3033::6815:54a4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://excues.top/
Submission: On March 01 via api (March 1st 2024, 1:30:21 pm UTC) from US — Scanned from US

Summary HTTP 73 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 26 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3033::6815:54a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is excues.top.
TLS certificate: Issued by GTS CA 1P5 on February 29th 2024. Valid for: 3 months.

This is the only time excues.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:54a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:21e... 2600:9000:21ea:3800:c:35f5:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.230.163.38 54.230.163.38	16509 (AMAZON-02) (AMAZON-02)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	18.164.96.49 18.164.96.49	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:a7e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.128.36 108.138.128.36	16509 (AMAZON-02) (AMAZON-02)
2	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1 2	2606:4700:303... 2606:4700:3030::ac43:ae6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	34.239.70.3 34.239.70.3	14618 (AMAZON-AES) (AMAZON-AES)
4	52.85.61.114 52.85.61.114	16509 (AMAZON-02) (AMAZON-02)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	2606:4700:440... 2606:4700:4400::6812:2b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	34.195.135.174 34.195.135.174	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.209.170.201 34.209.170.201	16509 (AMAZON-02) (AMAZON-02)
1	34.107.165.188 34.107.165.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	18.213.175.137 18.213.175.137	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:46::40 2620:1ec:46::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3.231.199.99 3.231.199.99	14618 (AMAZON-AES) (AMAZON-AES)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
73	32

1 2606:4700:3033::6815:54a4 (United States)

ASN13335 (CLOUDFLARENET, US)

excues.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:21ea:3800:c:35f5:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.medicalnewstoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-38.ewr53.r.cloudfront.net

gtm-server.healthline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-49.jfk50.r.cloudfront.net

prod.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a7e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-36.jfk50.r.cloudfront.net

rvo-cohesion.medicalnewstoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:ae6d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

skyliie.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.239.70.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-70-3.compute-1.amazonaws.com

ingest.make.rvohealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.85.61.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-114.ewr53.r.cloudfront.net

cdn.rvohealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.135.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-135-174.compute-1.amazonaws.com

id2.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.170.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-170-201.us-west-2.compute.amazonaws.com

adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.213.175.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-175-137.compute-1.amazonaws.com

aim-tag.hcn.health	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o62581.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.231.199.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-199-99.compute-1.amazonaws.com

www.medtargetsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rvohealth.com ingest.make.rvohealth.com — Cisco Umbrella Rank: 18310 cdn.rvohealth.com — Cisco Umbrella Rank: 19232	8 KB
11	medicalnewstoday.com assets.medicalnewstoday.com — Cisco Umbrella Rank: 22449 rvo-cohesion.medicalnewstoday.com — Cisco Umbrella Rank: 51328	620 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 t.clarity.ms — Cisco Umbrella Rank: 7242 c.clarity.ms — Cisco Umbrella Rank: 1360	28 KB
6	hcn.health aim-tag.hcn.health — Cisco Umbrella Rank: 11848	72 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 244	16 KB
3	medtargetsystem.com www.medtargetsystem.com — Cisco Umbrella Rank: 9761	22 KB
3	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 4716	12 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	163 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 1445	584 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 466 mug.criteo.com — Cisco Umbrella Rank: 3065	2 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1590	129 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 364	1 KB
2	skyliie.top 1 redirects skyliie.top	3 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6341 browser.sentry-cdn.com — Cisco Umbrella Rank: 4640	30 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 301	77 KB
2	adspsp.com prod.adspsp.com — Cisco Umbrella Rank: 17018 adspsp.com — Cisco Umbrella Rank: 15508	108 KB
2	wp.com i0.wp.com — Cisco Umbrella Rank: 3604	43 KB
1	sentry.io o62581.ingest.sentry.io — Cisco Umbrella Rank: 84054	324 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1138	275 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	17 KB
1	rkdms.com id2.sv.rkdms.com — Cisco Umbrella Rank: 18565	268 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 433	1 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 699	11 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
1	healthline.com gtm-server.healthline.com — Cisco Umbrella Rank: 19684	73 KB
1	excues.top excues.top	56 KB
73	26

	Domain	Requested by
10	ingest.make.rvohealth.com	rvo-cohesion.medicalnewstoday.com browser.sentry-cdn.com
10	assets.medicalnewstoday.com	excues.top
6	aim-tag.hcn.health	gtm-server.healthline.com aim-tag.hcn.health
4	cdn.rvohealth.com	rvo-cohesion.medicalnewstoday.com cdn.rvohealth.com
3	www.medtargetsystem.com	aim-tag.hcn.health www.medtargetsystem.com
3	bat.bing.com	gtm-server.healthline.com bat.bing.com excues.top
3	pub.doubleverify.com	excues.top pub.doubleverify.com
3	securepubads.g.doubleclick.net	excues.top securepubads.g.doubleclick.net
2	c.clarity.ms	1 redirects
2	t.clarity.ms	browser.sentry-cdn.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	lexicon.33across.com	1 redirects excues.top
2	cdn.confiant-integrations.net	prod.adspsp.com cdn.confiant-integrations.net
2	match.adsrvr.org	prod.adspsp.com js-sec.indexww.com
2	skyliie.top	1 redirects excues.top
2	c.amazon-adsystem.com	excues.top c.amazon-adsystem.com
2	i0.wp.com	excues.top
1	c.bing.com	1 redirects
1	o62581.ingest.sentry.io	browser.sentry-cdn.com
1	api.rlcdn.com	js-sec.indexww.com
1	adspsp.com	excues.top
1	cdnjs.cloudflare.com	excues.top
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	id2.sv.rkdms.com	prod.adspsp.com
1	mug.criteo.com	excues.top
1	gum.criteo.com	1 redirects
1	id5-sync.com	prod.adspsp.com
1	js-sec.indexww.com	prod.adspsp.com
1	js.sentry-cdn.com	excues.top
1	rvo-cohesion.medicalnewstoday.com	excues.top
1	www.google-analytics.com	excues.top
1	prod.adspsp.com	excues.top
1	gtm-server.healthline.com	excues.top
1	excues.top
73	34

This site contains links to these domains. Also see Links.

Domain
health.gov
www.ncbi.nlm.nih.gov
www.crohnscolitisfoundation.org
www.acefitness.org
www.nestlenutrition-institute.org
www.move.va.gov
crohnsandcolitis.ca
www.abc.net.au

Subject Issuer	Validity	Valid
excues.top GTS CA 1P5	`2024-02-29` - `2024-05-29`	3 months	crt.sh
*.medicalnewstoday.com Amazon RSA 2048 M03	`2023-11-11` - `2024-12-08`	a year	crt.sh
*.healthline.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
prod.adspsp.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
pub.doubleverify.com E1	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
skyliie.top GTS CA 1P5	`2024-02-27` - `2024-05-27`	3 months	crt.sh
ingest.make.rvohealth.com Amazon RSA 2048 M02	`2023-07-23` - `2024-08-21`	a year	crt.sh
cdn.rvohealth.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-31`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
adspsp.com Amazon RSA 2048 M03	`2023-11-17` - `2024-12-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
aim-tag-web.prod.taiga.cloud Amazon RSA 2048 M03	`2023-10-14` - `2024-11-10`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
medtargetsystem.com Amazon RSA 2048 M03	`2023-09-22` - `2024-10-21`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://excues.top/
Frame ID: AAA0611D44AC241C04032CFCADA0546D
Requests: 59 HTTP requests in this frame

Frame: https://cdn.rvohealth.com/cohesion/xs2.html
Frame ID: 1F0B5D60A462DE81DFDA266258E18028
Requests: 2 HTTP requests in this frame

Frame: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fexcues.top
Frame ID: 61F8BA735CBA6FAD3C60966AAD7A3C0B
Requests: 3 HTTP requests in this frame

Frame: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
Frame ID: 4907229D6A40F077AAAE0D9373B2DA7F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Building muscle with exercise: How muscle builds, routines, and diet Medical News Today

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

73
Requests

93 %
HTTPS

38 %
IPv6

26
Domains

34
Subdomains

32
IPs

3
Countries

1511 kB
Transfer

4426 kB
Size

34
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://health.gov/dietaryguidelines/2015/guidelines/appendix-1/
Title: https://health.gov/dietaryguidelines/2015/guidelines/appendix-1/

Search URL Search Domain Scan URL

URL: https://health.gov/dietaryguidelines/2015/guidelines/appendix-7/
Title: https://health.gov/dietaryguidelines/2015/guidelines/appendix-7/

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/21550729
Title: https://www.ncbi.nlm.nih.gov/pubmed/21550729

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pubmed/31469710
Title: https://www.ncbi.nlm.nih.gov/pubmed/31469710

Search URL Search Domain Scan URL

URL: https://www.crohnscolitisfoundation.org/justlikeme/living-with-crohns-and-colitis/fitness-and-sports
Title: https://www.crohnscolitisfoundation.org/justlikeme/living-with-crohns-and-colitis/fitness-and-sports

Search URL Search Domain Scan URL

URL: https://www.acefitness.org/education-and-resources/lifestyle/blog/5039/how-to-eat-and-train-for-a-mesomorph-body-type
Title: https://www.acefitness.org/education-and-resources/lifestyle/blog/5039/how-to-eat-and-train-for-a-mesomorph-body-type

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4523889/
Title: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4523889/

Search URL Search Domain Scan URL

URL: https://www.nestlenutrition-institute.org/docs/default-source/global-dcoument-library/publications/secured/9b554fc8b27955fbf3fb2435380f1fcc.pdf?sfvrsn=0
Title: https://www.nestlenutrition-institute.org/docs/default-source/global-dcoument-library/publications/secured/9b554fc8b27955fbf3fb2435380f1fcc.pdf?sfvrsn=0

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3939594/
Title: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3939594/

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6668575/
Title: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6668575/

Search URL Search Domain Scan URL

URL: https://www.move.va.gov/docs/NewHandouts/PhysicalActivity/P32_SampleStrengthActivityPlanForBeginners.pdf
Title: https://www.move.va.gov/docs/NewHandouts/PhysicalActivity/P32_SampleStrengthActivityPlanForBeginners.pdf

Search URL Search Domain Scan URL

URL: https://crohnsandcolitis.ca/About-Crohn-s-Colitis/IBD-Journey/Exercise-and-Lifestyle/Therapeutic-Monitoring
Title: https://crohnsandcolitis.ca/About-Crohn-s-Colitis/IBD-Journey/Exercise-and-Lifestyle/Therapeutic-Monitoring

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8897961/
Title: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8897961/

Search URL Search Domain Scan URL

URL: https://www.abc.net.au/news/health/2017-06-01/should-men-and-women-train-differently/8568396
Title: https://www.abc.net.au/news/health/2017-06-01/should-men-and-women-train-differently/8568396

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://gum.criteo.com/sid/json?origin=prebid&domain=excues.top&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=DwgSrnxmYmZuU1NFOEp5Y0o1Z0ZWU3lzZ0JvMENmdGVsUXlCd3Jzb0w0S2NzTWdUc0xaa1hpRXlLM2szbTJlN3VKNHdYVEJrdFpBNGt3Mml1T2twdUd5ZGNxWVRsSkh3ZnJwRy8zcHcxc2Z6RmRFb1A5Y3lodVBIWVNmRnlSbmk2cC9QditVd2VibUtwVWtLdVAyazg5MkxQU2pRQlUyUGZDNmJCbVFOZVRid0ErZWZIKzhMcmtmVHJRWmdmZlo4UWo0eFJ4VUdtMDd0SG9UMy9rQnAzRm4ra0lqYS9VMWR5cXVkdjUwTHB0eTVUcVkwPXw&cppv=2

Request Chain 39

https://lexicon.33across.com/v1/envelope?pid=0013300001b1YMsAAM&gdpr=0&us_privacy=1YNY HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0013300001b1YMsAAM&gdpr=0&us_privacy=1YNY&b=1&g=duadGfLbs4dIdAi%2FzRE3USVEzVtlVaKrvaDp1jBnBP8%3D

Request Chain 44

https://skyliie.top/f11wc.js?enrcn=PRN8GBkPXV0WTFMfAVdLMVhfEwwRQhE5N0YAAVlTXRFmHg1QBQpXG1AFGFciFkFdEjQDU3oeF0kEAkBNVQcRXyguZXw7T0ZdWBwGRnZUFAgJGBE0CxReXBJMVwMDWVNIBwNBUkgIBVcwB1dQBQpJBAJATVUHE1tBVAEDQ05WAhxHUjIAAk1QVgsAQk1WBwctQUoTAlVPRGZYGVBUEx1VUlQBAVVPRAADR1NEHRMRAgpCVFVPRFdQGxADEx1VFxREVFVPRFdQGxADEx1VQUoTXh4BVkgFQVYBCFwRGhNWAk9QFUhXVT4= HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js

Request Chain 72

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F6D477C269F34DF0998C521C41232621&RedC=c.clarity.ms&MXFR=0A173CB010F562FA1DDB288514F56C56 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F6D477C269F34DF0998C521C41232621&MUID=11D1782C672261760F0A6C19668560A7

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
excues.top/ 350 KB
56 KB 258ms
107ms Document
text/html 2606:4700:3033::6815:54a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:54a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9684b15468085597ab660c27243da0244a6142d0087ec2591753d027d16cfe80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57247
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 85d9801ffdb5127b-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 13:30:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FBtD57Roy7bQGqKIuJEBWJ9l1LDtOCp36M%2FYsh1js2bT1OdWJ%2FHiDLwrqEwsKVU8cjizUle%2BIHpLVmkHQWgBF1TywG3j18sfl%2BTRy1aBE5ln9JYumagPwQIuORwz7OV0iG%2F3eRRDgGH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-nf-request-id: 01HQX3AM1AC7ARHKQP541P91BX

GET
H2 200 vendor-c8d08-legacy.js Show response
assets.medicalnewstoday.com/_next/ 323 KB
106 KB 474ms
285ms Script
text/javascript 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/_next/vendor-c8d08-legacy.js
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e6ad6aea8a932ea01861a0b2f9cd10272322fdc3e2e9f9277c569393063d4fa

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:37 GMT
content-encoding: gzip
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-branch: main
last-modified: Wed, 28 Feb 2024 23:16:40 GMT
server: AmazonS3
etag: W/"02f25def11f8528c7dc853edd4cfab12"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: UjBxBluRGcpd9iLxE1bqS530_v-RKuPNVriqqVwklp-StL0kiRzThQ==

GET
H2 200 lib-09c6f-legacy.js Show response
assets.medicalnewstoday.com/_next/ 545 KB
165 KB 512ms
323ms Script
text/javascript 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/_next/lib-09c6f-legacy.js
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05b5f9bfbf03b668f5b0757d8b20a45b169006293300f8814a3d6797973e24fe

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:37 GMT
content-encoding: gzip
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-branch: main
last-modified: Wed, 28 Feb 2024 23:16:39 GMT
server: AmazonS3
etag: W/"397f3ab631169dfeaa5dc8d95010649f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: SogyT7mPDwJIoRdkGeYzkf259oB3chN4jZVnezcExdsCjNQeyULdhQ==

GET
H2 200 infinite.js-legacy.js Show response
assets.medicalnewstoday.com/_next/86ad9178-2fcc-478e-9ed6-bc035a52a7d5/mnt/pages/ 340 KB
98 KB 424ms
236ms Script
text/javascript 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/_next/86ad9178-2fcc-478e-9ed6-bc035a52a7d5/mnt/pages/infinite.js-legacy.js
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e864e16a895b98022682db953abdf7de2967641b3b79d6ae351a4aa3ae45a71d

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:37 GMT
content-encoding: gzip
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-branch: main
last-modified: Wed, 28 Feb 2024 23:16:31 GMT
server: AmazonS3
etag: W/"8fcca091134fdb65ccfcaf7920f15830"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: BIBkHG3uUAwQllWuqTUb5nJ3Zawn_oJZslIgYQVJCyAzYg-bIR9vEw==

GET
H2 200 32A982_7_0.woff2
assets.medicalnewstoday.com/fonts/proxima/v1/ 34 KB
35 KB 378ms
190ms Font
font/woff2 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/fonts/proxima/v1/32A982_7_0.woff2
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 292d2d171c50eacd82c2e02a6762e6f36c397c00c71a63663d009c3cb32c0828

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:37 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35075
last-modified: Wed, 28 Feb 2024 23:16:43 GMT
server: AmazonS3
etag: "d89279a206614fe34bf4051f99377023"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Bil9674hGNuQOJPGw03V8dTJlr2sRSvgYdS9wLZtDt0pIioDTbeEtw==

GET
H2 200 32A982_9_0.woff2
assets.medicalnewstoday.com/fonts/proxima/v1/ 34 KB
34 KB 463ms
275ms Font
font/woff2 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/fonts/proxima/v1/32A982_9_0.woff2
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a4cb04b5f640a7a53ffab96e40a9a6e44e8145cdee3196aed61459a9a13d15

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:37 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34583
last-modified: Wed, 28 Feb 2024 23:16:43 GMT
server: AmazonS3
etag: "8f6344932bf6c162ce322b40f60095b3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: dcvMuWKeNzonIEHwPFyBVpWqyfpKLUoSI4os-Cv4Abh8EXpNte_ilA==

GET
H2 200 38C507_0_0.woff2
assets.medicalnewstoday.com/fonts/proxima/v1/ 40 KB
41 KB 502ms
314ms Font
font/woff2 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/fonts/proxima/v1/38C507_0_0.woff2
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7522c315958d63769a1449ee12cf43c90be533dabbee9d499d97474bc6549360

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:37 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41411
last-modified: Wed, 28 Feb 2024 23:16:43 GMT
server: AmazonS3
etag: "bd192a11b1dd751452b9e40c3be335aa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 1St8dZksBey2FgDiCD9KO04zyps6FI9LZ6bdpgnkRiVLNTJPEj6H9Q==

GET
H2 200 gtm.js Show response
gtm-server.healthline.com/ 215 KB
73 KB 271ms
135ms Script
application/javascript 54.230.163.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-server.healthline.com/gtm.js?id=GTM-MB6365D
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-38.ewr53.r.cloudfront.net
Software: /
Resource Hash: f967ed8c3c78f6426a1f80dcdf318d7a607c5b46c63b2d5e7499deba335117f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
content-encoding: gzip
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
x-amz-cf-id: gCQ8fXKK9tl3VpQSuWm68yrjdEAjkg6Myz8e8i-sTsziUjbAbMjY1g==
expires: Fri, 01 Mar 2024 13:44:59 GMT

GET
H2 200 DanielBubnis.png
i0.wp.com/post.medicalnewstoday.com/wp-content/uploads/sites/3/2019/12/ 4 KB
5 KB 106ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/post.medicalnewstoday.com/wp-content/uploads/sites/3/2019/12/DanielBubnis.png?w=105&h=105

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7bb44cd65a75535f01dc915a45f6ba87be3fd270c8608c7bf4b8ad636a99ec3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4334
x-nc: HIT mia 4
last-modified: Sun, 17 Jul 2022 14:13:03 GMT
server: nginx
etag: "bbd672f516d1a513"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://post.medicalnewstoday.com/wp-content/uploads/sites/3/2019/12/DanielBubnis.png>; rel="canonical"
expires: Wed, 17 Jul 2024 02:13:03 GMT

GET
H2 200 a-woman-lifting-weights-in-the-gym-to-build-her-muscle.jpg
i0.wp.com/cdn-prod.medicalnewstoday.com/content/images/articles/319/319151/ 38 KB
38 KB 135ms
62ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/cdn-prod.medicalnewstoday.com/content/images/articles/319/319151/a-woman-lifting-weights-in-the-gym-to-build-her-muscle.jpg?w=1575

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c60b55dea9f9a4073f54d2addf95e4c2dd5fe8d9b99b39e99d292224496ac310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 38484
x-nc: HIT mia 1
last-modified: Wed, 25 Oct 2023 05:32:01 GMT
server: nginx
etag: "a64da9582b79b209"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://cdn-prod.medicalnewstoday.com/content/images/articles/319/319151/a-woman-lifting-weights-in-the-gym-to-build-her-muscle.jpg>; rel="canonical"
expires: Fri, 24 Oct 2025 17:32:01 GMT

GET
H/1.1 200
OK adb.2418030m.min.js Show response
prod.adspsp.com/ 329 KB
108 KB 204ms
69ms Script
text/javascript 18.164.96.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.2418030m.min.js
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-49.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a4b299311ad3f5891b5d535bf021b28a55df6ce34324a5ace8bfbe054d2dfbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 20:39:28 GMT
Content-Encoding: gzip
Via: 1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Feb 2024 20:39:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P5
Age: 60647
ETag: W/"62cef5e79760c59dc823f30094126a93"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: sxKGNFVj1_LXA8Pqrl4ad58t6ewYN9I8jPdzzVuXBmVzZhu3-PZMKw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 277ms
133ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad381d9072782dbe5b670426dc2d45f1e3622e95d632d483acda5096b762e515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28564
x-xss-protection: 0
server: cafe
etag: 304 / 19783 / m202402220101 / config-hash: 18075438754468141728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:30:14 GMT

GET
H2 200 pub.js Show response
pub.doubleverify.com/dvtag/20447058/DV1208979/ 33 KB
11 KB 159ms
65ms Script
text/javascript 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/20447058/DV1208979/pub.js

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c32f16a9b0cc9e0b1de553f082c3ade71d2cdb2b575aadc02e635a47e41b4e17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=900, stale-while-revalidate=3600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 85d980218c0c6dc2-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 200ms
64ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Mar 2024 12:06:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5011
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Mar 2024 14:06:43 GMT

GET
H2 200 cohesion-tpo.min.js Show response
rvo-cohesion.medicalnewstoday.com/cohesion/ 92 KB
26 KB 206ms
70ms Script
text/javascript 108.138.128.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-36.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6054e6bf28a61345ed2c78917233045eac30033394012dec3b3e0ec77516fa93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:23:22 GMT
content-encoding: gzip
via: 1.1 c3fbf93d9b0f1f9b36fcc420314f3186.cloudfront.net (CloudFront), 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 15:07:40 GMT
server: AmazonS3
age: 419
x-amz-cf-pop: IAD79-C3, JFK50-P4
x-amz-server-side-encryption: AES256
etag: W/"450659ba3284f683d624afbe6317b956"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-store;
x-amz-cf-id: twoZm2eBLgYr4bnYuJj9sp7OmhxoNVcYCxM4QCBpzVrNEZk7xnuqYg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 219ms
71ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19ad31119f7229d7e9bbdbaea96288801cda5c88d6d1a9877955ef28ee6d6c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:08:36 GMT
content-encoding: gzip
via: 1.1 76a7fdbced88b6eccf433c4e386bae40.cloudfront.net (CloudFront), 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 20:11:28 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 1299
x-amz-server-side-encryption: AES256
etag: W/"e5fd776c96ab2b62f9243467d80f8a10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: wsEqrXAxAVd9hO1epF7vxM5Rh3IDbOcCGDuDSJ98SOHTXNTiL4LarA==

GET
H2 200 8bc674d734914b3f8179f84e9edb0faa.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 104ms
32ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/8bc674d734914b3f8179f84e9edb0faa.min.js

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c95b1196f8beeb92f63dd82872bed5624df4938a8c7407337bb5276d8302ad8

Security Headers

Name	Value
Content-Security-Policy	frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; font-src * data:; frame-ancestors 'self' .sentry.io; style-src 'unsafe-inline' ; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; worker-src blob:; media-src ; base-uri 'none'; default-src 'none'; img-src blob: data: ; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=0be52d887889bd9451d1b1c5b3b9ce92d52539aa
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; font-src * data:; frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; worker-src blob:; media-src *; base-uri 'none'; default-src 'none'; img-src blob: data: *; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=0be52d887889bd9451d1b1c5b3b9ce92d52539aa
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 6
x-envoy-upstream-service-time: 30
content-length: 1247
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-74c54b985d-gzlwp, cache-chi-klot8100133-CHI, cache-mia-kmia1760098-MIA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b197.js Show response
skyliie.top/ 6 KB
3 KB 493ms
131ms Script
text/javascript 2606:4700:3030::ac43:ae6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skyliie.top/b197.js
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ae6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67df6c60b57ffd18e7dba1993c50ca26fe408e8deb2c58a5eddf2a69b1f012f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-nf-request-id: 01HQX38AP7XN82BN6629PA40FB
date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkunTiigzwzBvXOAcET%2Fkt7Ed0DCn6oEWTKzc0Zjbo65gJBOjq2uymqcdwVw4tBrEVb2Y6L8mZKJpYNv7dnL%2Baak9XkPure7ljfpmA7GuuKNeK%2Bn%2BlJTaUbZ%2FC5O"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store
cf-ray: 85d980234de731e0-MIA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 112 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd6c4676a2e710a15d8e655b3184a9adbd6e6df7a4a662d294e791bb5f1c940

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 126 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ea5d0c8e0385b9b12a4179b14cadade7f34ff95d10fc68d5c48c5f22e66866c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ProximaNova-ExtraBold.woff2
assets.medicalnewstoday.com/fonts/proxima/v1/ 34 KB
34 KB 124ms
86ms Font
font/woff2 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/fonts/proxima/v1/ProximaNova-ExtraBold.woff2
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79b07c91cbe792cce903a8ccdde66d932bc2f50c36ca3b64ec3ec5d5b70e049d

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:39 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34721
last-modified: Wed, 28 Feb 2024 23:16:43 GMT
server: AmazonS3
etag: "99e9bd926cb9037697301eaed063b89c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: k6EyrPVQvbVonOGtJ60nhKq6ccPfbMNb7VQMwwJtDzxHnVoDhn4eGQ==

GET
H2 200 ProximaNova-Light.woff2
assets.medicalnewstoday.com/fonts/proxima/v1/ 34 KB
35 KB 252ms
215ms Font
font/woff2 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/fonts/proxima/v1/ProximaNova-Light.woff2
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39c9e7abd7f903ed38747ee18a45cc77433b5b58030d10360b6c4695c2b9a075

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:39 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35166
last-modified: Wed, 28 Feb 2024 23:16:43 GMT
server: AmazonS3
etag: "7d37bc00cdcb4c5b8ea2b33141a05396"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: dAuQSORxL7uOmwKwd4TIk8Pf4ZLIZEaFNLcYznEeLoSSd_F7h-qijQ==

GET
H2 200 32A982_1_0.woff2
assets.medicalnewstoday.com/fonts/proxima/v1/ 34 KB
35 KB 191ms
153ms Font
font/woff2 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/fonts/proxima/v1/32A982_1_0.woff2
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a094b6db80666acde205aef2232c3fac3239ffdec06e30bf1f31fce7431f9f5

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:39 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35080
last-modified: Wed, 28 Feb 2024 23:16:43 GMT
server: AmazonS3
etag: "3ef102215885554e04ea44aec5c6109e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: JC5edGGzfVSQRBJlArPt9g-05Oxja56zhnhhRbmfPCI8W7war4jv-g==

GET
H2 200 b0nkxzhcdperha==.woff
assets.medicalnewstoday.com/_next/_static/ 10 KB
10 KB 116ms
79ms Font
font/woff 2600:9000:21ea:3800:c:35f5:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.medicalnewstoday.com/_next/_static/b0nkxzhcdperha==.woff
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:3800:c:35f5:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6a7e38cce81a43404ac746aa84ac0235f65180f73517567a8d09648a8ca4096

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 08:40:39 GMT
via: 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
age: 103776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-branch: main
content-length: 10084
last-modified: Wed, 28 Feb 2024 23:16:33 GMT
server: AmazonS3
etag: "7c1cff169e486f49cac731c20cf11184"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=365000000, immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: rG1wiVzSaBq2_bqQnphR-fr0aov11OM-geXu5MxK66-rfgYwmxSd_w==

GET
H2 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
386 B 168ms
100ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=20447058&cmp=DV1208979&url=https%3A%2F%2Fexcues.top&ids=1&token=0b4%2BJuWnuZgxd%2BOViV7Z0BqRgNJxE9Fc3HdtQ3vQe9rFIqCJXVSfrrQYZcoZoXPK7O5TEk8wcodF%2FaAvD%2FGJD5SDmtnLcoyweA0OHUFvWAUxvaufVYA%2BlC4DN9%2Fx4IoqrHmHw5tXjpRC1%2FNm8GhTE%2BliiYmIp7I%3D

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/dvtag/20447058/DV1208979/pub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: origin, x-forwarded-for, user-agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://excues.top
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 85d9802269e35c71-MIA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H2 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 40 B
137 B 230ms
165ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=20447058&cmp=DV1208979&url=https%3A%2F%2Fexcues.top&bsc=1&abs=1&token=0b4%2BJuWnuZgxd%2BOViV7Z0BqRgNJxE9Fc3HdtQ3vQe9rFIqCJXVSfrrQYZcoZoXPK7O5TEk8wcodF%2FaAvD%2FGJD5SDmtnLcoyweA0OHUFvWAUxvaufVYA%2BlC4DN9%2Fx4IoqrHmHw5tXjpRC1%2FNm8GhTE%2BliiYmIp7I%3D

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/dvtag/20447058/DV1208979/pub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923ce7ff9707cac6ad46a29b6c6e3d987b95ab93fa16ee854914dc1681d70697

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://excues.top
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=1519
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 85d9802269e75c71-MIA
content-length: 40
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 t
ingest.make.rvohealth.com/v2/ Frame 0
0 198ms
56ms Preflight 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://excues.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
date: Fri, 01 Mar 2024 13:30:14 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 204 t
ingest.make.rvohealth.com/v2/ Frame 0
0 197ms
56ms Preflight 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://excues.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
date: Fri, 01 Mar 2024 13:30:14 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvohealth.com/v2/ 138 B
271 B 68ms
67ms XHR
application/json 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Requested by: Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash: c62ca5610991a7f7d7d427950ef9e7f9d806c3f1ab851a47f1fa3129a7dbb070

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
Authorization: Basic d2tfMVRxZkRGUkdIbjBqVHRmT21MeGhNTlk0cFRVOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:30:15 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvohealth.com/v2/ 138 B
271 B 59ms
58ms XHR
application/json 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Requested by: Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash: 65b0e9f9d77dc9a761269fe6f4ea7ae129d7a02eccf7235d777fcabcc8c24b2c

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
Authorization: Basic d2tfMVRxZkRGUkdIbjBqVHRmT21MeGhNTlk0cFRVOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:30:15 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 experimental.min.js Show response
cdn.rvohealth.com/cohesion/ext/ 8 KB
4 KB 224ms
61ms Script
text/javascript 52.85.61.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvohealth.com/cohesion/ext/experimental.min.js
Requested by: Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f74071d4a8436cc22b7e436067a7c97f24b19279ec686dd5e14530818c76e945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:58:02 GMT
content-encoding: gzip
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 15:07:40 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 9133
x-amz-server-side-encryption: AES256
etag: W/"f1be67985be93c50c64988d48db02eb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: T-SyJ9bUyHhvW-ekGKB9PUaQUn5ENCjCYIeq_W4P8wGpn0cah-ArUw==

POST
H2 200 decisions Show response
cdn.rvohealth.com/preamp/api/v1/ 809 B
1 KB 241ms
83ms XHR
application/json 52.85.61.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rvohealth.com/preamp/api/v1/decisions

Requested by

Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-114.ewr53.r.cloudfront.net

Software

Resource Hash

867ef9bb57a0f455ffb7ed45fcc5799f114e06e353b4177926d1177e6f828fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC"
content-length: 809
x-xss-protection: 1; mode=block
etag: W/"329-dxY4od8u+bZLHLV+qGGWLGIcZ3c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 199
content-type: application/json; charset=utf-8
access-control-allow-origin: https://excues.top
vary: Origin
access-control-allow-credentials: true
x-ratelimit-reset: 1709299875
x-ratelimit-limit: 200
x-amz-cf-id: rLuxCWMBWX54nhwUubbAFSagGlBQtfVKykXMAqiL5dL4y4DAeOo3LQ==

GET
H2 200 xs1.html Show response
cdn.rvohealth.com/cohesion/ Frame 1F0B 900 B
1 KB 203ms
59ms Document
text/html 52.85.61.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvohealth.com/cohesion/xs1.html
Requested by: Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8edbaff0f06b9a7dd980e4d8bc65c8a024273d78a7018632ba6969d3cea43c45

Request headers

Referer: https://excues.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 33212
content-length: 900
content-type: text/html
date: Fri, 01 Mar 2024 04:16:43 GMT
etag: "82e3997abc17ef90f8bdd9d8d29ddc47"
last-modified: Tue, 16 Jan 2024 15:07:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-id: 3ZxBKpeZYrWK3tWphptIX4gvzvdVWgeQ4vFCRt56LU6H5gALymeJdg==
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 234ms
110ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:16 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 313dd6f62ed18c58ce60182660a6ec46.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 8ANzxNliQx3n-7lqf0zgNskQk_clMOb2X5e0_mTqbQ5eyrUSDYY85A==

GET
H2 200 180447-192872210293780.js Show response
js-sec.indexww.com/ht/p/ 32 KB
11 KB 130ms
53ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/180447-192872210293780.js
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.2418030m.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f0d3713e115ec71ed28881b8909abe3b8d6a82113aa89a3db35dcac2ea407c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Mar 2024 13:15:14 GMT
server: cloudflare
age: 817
etag: W/"903ac8-7e27-612992a9707aa"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 85d98023abd51277-MIA
expires: Fri, 01 Mar 2024 17:30:15 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
562 B 176ms
57ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=bt8j74p&fmt=json
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.2418030m.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 83924fd160f4a55c6ead7d933f18aacf40038671b8da7f16e03c0d67e2384f6f

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://excues.top
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 31 Mar 2024 13:30:15 GMT

POST
H2 200 1151.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 464ms
153ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1151.json

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.2418030m.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

741dcf7ba9a3345bae80174dc00665ded5a3f15c7e7b61da9443aa1b8c7db75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://excues.top
date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/cmoHx-7NMqx3kvsCb7fFcqWf2C8/gpt_and_prebid/ 162 KB
36 KB 128ms
46ms Script
text/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/cmoHx-7NMqx3kvsCb7fFcqWf2C8/gpt_and_prebid/config.js
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.2418030m.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6cdd519e37a1a5772149fe37dbd3c63d44c24253be499b3dae7a6ce6f863005

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Mar 2024 11:41:07 GMT
server: cloudflare
x-amz-request-id: 594VWSNA9PPH9JAS
age: 527
etag: W/"6f1f036e68a5056a282d834aad2e78b8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 85d98023b9228e06-MIA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ysq0nzbgAdAYBYKk30G8fSa9gx82af3gBn+aTDPw1tvMCZjj8IV033F1rHIwePsxUTWgQEnR6lO9YkKsEK9IcTCgxGWtD7qa

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&domain=excues.top&cw=1
https://mug.criteo.com/sid?cpp=DwgSrnxmYmZuU1NFOEp5Y0o1Z0ZWU3lzZ0JvMENmdGVsUXlCd3Jzb0w0S2NzTWdUc0xaa1hpRXlLM2szbTJlN3VKNHdYVEJrdFpBNGt3Mml1T2twdUd5ZGNxWVRsSkh3ZnJwRy8zcHcxc2Z6RmRFb1A5Y3lodVBIWVNmRn...

290 B
908 B

193ms
55ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DwgSrnxmYmZuU1NFOEp5Y0o1Z0ZWU3lzZ0JvMENmdGVsUXlCd3Jzb0w0S2NzTWdUc0xaa1hpRXlLM2szbTJlN3VKNHdYVEJrdFpBNGt3Mml1T2twdUd5ZGNxWVRsSkh3ZnJwRy8zcHcxc2Z6RmRFb1A5Y3lodVBIWVNmRnlSbmk2cC9QditVd2VibUtwVWtLdVAyazg5MkxQU2pRQlUyUGZDNmJCbVFOZVRid0ErZWZIKzhMcmtmVHJRWmdmZlo4UWo0eFJ4VUdtMDd0SG9UMy9rQnAzRm4ra0lqYS9VMWR5cXVkdjUwTHB0eTVUcVkwPXw&cppv=2

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac79c5682af9832317007797ce4965c237e4be66673b547005ede7d6a0806353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 869556
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:30:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://excues.top
location: https://mug.criteo.com/sid?cpp=DwgSrnxmYmZuU1NFOEp5Y0o1Z0ZWU3lzZ0JvMENmdGVsUXlCd3Jzb0w0S2NzTWdUc0xaa1hpRXlLM2szbTJlN3VKNHdYVEJrdFpBNGt3Mml1T2twdUd5ZGNxWVRsSkh3ZnJwRy8zcHcxc2Z6RmRFb1A5Y3lodVBIWVNmRnlSbmk2cC9QditVd2VibUtwVWtLdVAyazg5MkxQU2pRQlUyUGZDNmJCbVFOZVRid0ErZWZIKzhMcmtmVHJRWmdmZlo4UWo0eFJ4VUdtMDd0SG9UMy9rQnAzRm4ra0lqYS9VMWR5cXVkdjUwTHB0eTVUcVkwPXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 441291
content-length: 0
expires: 0

GET
H2 200 / Show response
id2.sv.rkdms.com/identity/ 2 B
268 B 220ms
80ms XHR
application/json 34.195.135.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id2.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5344_04531&sv_pubid=11314&sv_domain=excues.top
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.2418030m.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.135.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-135-174.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://excues.top
date: Fri, 01 Mar 2024 13:30:15 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 2
vary: Accept-Encoding
content-type: application/json

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0013300001b1YMsAAM&gdpr=0&us_privacy=1YNY
https://lexicon.33across.com/v1/envelope?pid=0013300001b1YMsAAM&gdpr=0&us_privacy=1YNY&b=1&g=duadGfLbs4dIdAi%2FzRE3USVEzVtlVaKrvaDp1jBnBP8%3D

42 B
138 B

58ms
58ms

XHR
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001b1YMsAAM&gdpr=0&us_privacy=1YNY&b=1&g=duadGfLbs4dIdAi%2FzRE3USVEzVtlVaKrvaDp1jBnBP8%3D
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:14 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://excues.top
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 01 Mar 2024 13:30:14 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://excues.top
location: https://lexicon.33across.com/v1/envelope?pid=0013300001b1YMsAAM&gdpr=0&us_privacy=1YNY&b=1&g=duadGfLbs4dIdAi%2FzRE3USVEzVtlVaKrvaDp1jBnBP8%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 12:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2125
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 01 Mar 2025 12:54:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
69 B 265ms
139ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=excues.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c4a218599c2e93c9c1673a928e8f321ccd777e6d4593847656ac2bd4dc71311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45
x-xss-protection: 0
expires: Fri, 01 Mar 2024 13:30:15 GMT

GET
H2 200 xs2.html Show response
cdn.rvohealth.com/cohesion/ Frame 1F0B 346 B
707 B 61ms
59ms Document
text/html 52.85.61.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvohealth.com/cohesion/xs2.html
Requested by: Host: cdn.rvohealth.com
URL: https://cdn.rvohealth.com/cohesion/xs1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0

Request headers

Referer: https://cdn.rvohealth.com/cohesion/xs1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2141
content-length: 346
content-type: text/html
date: Fri, 01 Mar 2024 12:54:35 GMT
etag: "4b5f9eae0703e5970dae0efc366d7c1b"
last-modified: Tue, 16 Jan 2024 15:07:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-id: DN5dwhbaEO7PKN63OyFHMGFrXqCrvriVr1PM6k-9NPR1trGkkML6Jw==
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 bundle.es5.min.js Show response
browser.sentry-cdn.com/7.104.0/ 89 KB
28 KB 33ms
31ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/7.104.0/bundle.es5.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/8bc674d734914b3f8179f84e9edb0faa.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9db3b571a00db3560328a2d6aceea2e7ab55c2bd8903b4de1ffe1a51f4553cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://excues.top/
Origin: https://excues.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 29 Feb 2024 23:34:27 GMT
server: Fastly
age: 50095
etag: "ea43157d04c53ea93f50fc4dc0b5c2f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28573
expires: Fri, 28 Feb 2025 23:35:20 GMT

GET
H2

200

moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/
Redirect Chain

https://skyliie.top/f11wc.js?enrcn=PRN8GBkPXV0WTFMfAVdLMVhfEwwRQhE5N0YAAVlTXRFmHg1QBQpXG1AFGFciFkFdEjQDU3oeF0kEAkBNVQcRXyguZXw7T0ZdWBwGRnZUFAgJGBE0CxReXBJMVwMDWVNIBwNBUkgIBVcwB1dQBQpJBAJATVUHE1tBVA...
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js

57 KB
17 KB

107ms
40ms

Script
application/javascript

2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 74167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16963
last-modified: Thu, 18 Jun 2020 22:30:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eebeaf9-e5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDvTHxdaz15gm1abGUTMrcGBq%2Bf5fMzuyzEwex14VZOyGYYUFACFH7NTJzTm5uMUBMU9tG9T%2FR29FmIjTNnu3xlU1r3BtiXKj%2BIxdKyXd2dqTnlq2djOxy8bObchjgN67ZDwnq2%2F4Z0o%2BgzBI1xCQuG%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85d980265abddb05-MIA
expires: Wed, 19 Feb 2025 13:30:15 GMT

Redirect headers

date: Fri, 01 Mar 2024 13:30:15 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a9RsM3f%2Fp5dM5V8ySiz7knxfh262KnEdqAfrbIrEMlLCll4o4eQTaMkIOkp59hHf1tM8YQAvG3sLDcprGwKp%2BhUU%2BlEfhhUU50B%2Be7eHdxSPuZJp8ui%2FzF80O4UG0hEIaX4j6IY%2BN2okw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
cache-control: no-cache, no-store
cf-ray: 85d980244f8531e0-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 204
No Content /
adspsp.com/pt/2418030/19/1/ 0
110 B 470ms
113ms Image
image/png 34.209.170.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2418030/19/1/?a=2,a2lt8oz663Ir7bN7Kqts,Y3E02dWkMd&aa=21AUsujcghZ2.gN.u11YNY.GDBABTA~1YNY.G6&b=&e=&c=https%3A%2F%2Fexcues.top%2F&d=&f=1.lt8oz5n5.1Tii&g=1Tnh&u=53f05bf3:lt7ouatv:421&v=18g.xc.0.xc.1.0&m=z&iE=N&iD=N&i3=N&i1=G&i9=N&iB=N&iC=N&i0=N&rnd=1709299815072
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.170.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-170-201.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
275 B 163ms
76ms XHR
text/plain 34.107.165.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/180447-192872210293780.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.165.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://excues.top
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
560 B 59ms
58ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=180447
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/180447-192872210293780.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: f5f1849173595cb702aca041196f241208cf37403241d68f72fb8c3ff071b185

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://excues.top
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 31 Mar 2024 13:30:15 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202402080930/ 301 KB
92 KB 51ms
48ms Script
application/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202402080930/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/cmoHx-7NMqx3kvsCb7fFcqWf2C8/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aded1096d3e8af430f97e9402097f9d4e9eee726f3ee8533c8979ba79b7807e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Feb 2024 14:31:21 GMT
server: cloudflare
x-amz-request-id: QYVAYD2D9E43X08Y
age: 233174
etag: W/"8e28b21ff25dd26d00b95dfa641ab910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 85d980245a048e06-MIA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tzvoKyEPhkeNXQNQ7/E1wGFdAZd/hQfKKIFJiEtlsx25uUROiUawJB3enq2gqRtSVFjGJvyRuCw=

OPTIONS
H2 204 t
ingest.make.rvohealth.com/v2/ Frame 0
0 57ms
56ms Preflight 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://excues.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
date: Fri, 01 Mar 2024 13:30:15 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvohealth.com/v2/ 138 B
271 B 64ms
64ms XHR
application/json 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Requested by: Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash: 670c7c0c987e050cbe2bf2d7eeb85e2a7148d0bdd32715b1e92bfeefdc9bf174

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
Authorization: Basic d2tfMVRxZkRGUkdIbjBqVHRmT21MeGhNTlk0cFRVOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:30:15 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 184ms
56ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: gtm-server.healthline.com
URL: https://gtm-server.healthline.com/gtm.js?id=GTM-MB6365D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 01 Mar 2024 13:30:14 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C63C82E4AE4417094E5933F9983D30E Ref B: MIAEDGE2314 Ref C: 2024-03-01T13:30:15Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 client.js Show response
aim-tag.hcn.health/js/ 101 KB
37 KB 271ms
123ms Script
text/javascript 18.213.175.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer&target=ie11
Requested by: Host: gtm-server.healthline.com
URL: https://gtm-server.healthline.com/gtm.js?id=GTM-MB6365D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.175.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-175-137.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 3271e5ea57f9fb107c8c23fae709fcb5ab5b440d6813e9ae60c6848221f3d116

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: gzip
server: awselb/2.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, public, max-age=86400
content-length: 37478

OPTIONS
H2 204 t
ingest.make.rvohealth.com/v2/ Frame 0
0 74ms
72ms Preflight 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://excues.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
date: Fri, 01 Mar 2024 13:30:15 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvohealth.com/v2/ 138 B
271 B 61ms
59ms XHR
application/json 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Requested by: Host: rvo-cohesion.medicalnewstoday.com
URL: https://rvo-cohesion.medicalnewstoday.com/cohesion/cohesion-tpo.min.js?cDomain=medicalnewstoday.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash: 02b2df19890650f138f0e23efd81f17db43d425310abf8e5b9d3802e1c8f8ba3

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
Authorization: Basic d2tfMVRxZkRGUkdIbjBqVHRmT21MeGhNTlk0cFRVOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:30:15 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 / Show response
o62581.ingest.sentry.io/api/248102/envelope/ 2 B
324 B 175ms
75ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o62581.ingest.sentry.io/api/248102/envelope/?sentry_key=8bc674d734914b3f8179f84e9edb0faa&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.104.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.104.0/bundle.es5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 97040225.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 61ms
53ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97040225.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

50f3c95b55fd50dcf63838f16cfcefcf5bc4a3f2fc172a8ea3c40730bff8689a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 01 Mar 2024 13:30:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CAE73CBEAB946729BD11EFB56E1A7D0 Ref B: MIAEDGE2314 Ref C: 2024-03-01T13:30:15Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
359 B 86ms
83ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97040225&tm=gtm002&Ver=2&mid=ef55dd3f-d4ed-4416-8b20-822e68f100d6&sid=d68f9000d7cf11ee81d59993ed1ab16d&vid=d68feaa0d7cf11eeaff5776c4a09bcc2&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Building%20muscle%20with%20exercise%3A%20How%20muscle%20builds,%20routines,%20and%20diet&p=https%3A%2F%2Fexcues.top%2F&r=&lt=862&evt=pageLoad&sv=1&tcf=st%3DE&rn=102329

Requested by

Host: excues.top
URL: https://excues.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Mar 2024 13:30:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9D3EC90FF254FC0BA594ED05C5377E7 Ref B: MIAEDGE2314 Ref C: 2024-03-01T13:30:15Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 97040225 Show response
www.clarity.ms/tag/uet/ 878 B
1 KB 203ms
77ms Script
application/x-javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/97040225
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/97040225.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ff3e228989a72a5deb2dd58bca29d5c5ca372f73b02673c6afeb1eb9d7345297

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: -1
date: Fri, 01 Mar 2024 13:30:15 GMT
x-azure-ref: 20240301T133015Z-4v600c7n294fpc0kves8056tb000000003yg00000000918v
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 878
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 transition Show response
www.medtargetsystem.com/iframe/ Frame 61F8 189 B
539 B 208ms
73ms Document
text/html 3.231.199.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fexcues.top
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer&target=ie11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.199.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-199-99.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash: ceaa62994ae70fdc114a98e0ef6d5e88754f2aa5e8ed442d39e9b5c2b278ecce

Request headers

Referer: https://excues.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-length: 146
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 13:30:15 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: Apache/2.4.7 (Ubuntu)
vary: X-Forwarded-Proto,Accept-Encoding
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
x-robots-tag: noindex

GET
H2 200 iframe.html Show response
aim-tag.hcn.health/ Frame 4907 89 KB
34 KB 112ms
112ms Document
text/html 18.213.175.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/js/client.js?dl=aimDataLayer&target=ie11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.175.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-175-137.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 1ba52df372d9c3d542a4b9de0a46887d9dc24070f9f29ac5d4313970e5cfb6bd

Request headers

Referer: https://excues.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 34339
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 13:30:15 GMT
server: awselb/2.0
vary: Accept-Encoding

GET
H2 200 _itu.png Show response
aim-tag.hcn.health/ Frame 4907 103 B
453 B 121ms
121ms XHR
image/png 18.213.175.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/_itu.png
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.175.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-175-137.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 35e0d0143b3f552f67dd90cbdf25a412c9f08bba871733eb9785c338fa7f099d

Request headers

Accept: image/png
Referer: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
pageview-id: d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: private
date: Fri, 01 Mar 2024 13:30:15 GMT
last-modified: 2010-01-01T00:00:00.000Z
server: awselb/2.0
etag: d6c152a0-d7cf-11ee-915f-41bdfa85d2d4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png
cache-control: no-transform, private, max-age=0, must-revalidate
content-length: 103
expires: -1

OPTIONS
H2 204 t
ingest.make.rvohealth.com/v2/ Frame 0
0 56ms
56ms Preflight 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://excues.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
date: Fri, 01 Mar 2024 13:30:15 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvohealth.com/v2/ 138 B
271 B 65ms
65ms XHR
application/json 34.239.70.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvohealth.com/v2/t
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.104.0/bundle.es5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.70.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-70-3.compute-1.amazonaws.com
Software: /
Resource Hash: 1026b90837a41c7fb85ee4cec02e2555ed98c61b13a3ff15064d8cd9db2c06ef

Request headers

Referer: https://excues.top/
accept-language: en-US,en;q=0.9
Authorization: Basic d2tfMVRxZkRGUkdIbjBqVHRmT21MeGhNTlk0cFRVOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 13:30:15 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.22/ 60 KB
25 KB 71ms
70ms Script
application/javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.22/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97040225
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: br
last-modified: Thu, 29 Feb 2024 15:07:22 GMT
etag: W/"0x8DC39382173A2DD"
vary: Accept-Encoding
x-azure-ref: 20240301T133015Z-4v600c7n294fpc0kves8056tb000000003yg00000000918x
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8a210321-301e-0000-5338-6b2edb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 0

GET
H2 200 transition.js Show response
www.medtargetsystem.com/js/build/iframe/ Frame 61F8 103 KB
21 KB 119ms
119ms Script
application/javascript 3.231.199.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medtargetsystem.com/js/build/iframe/transition.js?1709299815
Requested by: Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fexcues.top
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.199.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-199-99.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 741600c835ba7298e083db591a80517f41ead3663b790eb45d7610dd96065cac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fexcues.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 16:20:49 GMT
server: Apache/2.4.7 (Ubuntu)
etag: "19cbc-5edacf8ddda40-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 20898

GET
BLOB 200
OK 0e1f1cbb-375d-441a-b5c8-cacaa6df62e3
https://aim-tag.hcn.health/ Frame 4907 103 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://aim-tag.hcn.health/0e1f1cbb-375d-441a-b5c8-cacaa6df62e3
Requested by: Host: excues.top
URL: https://excues.top/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e0d0143b3f552f67dd90cbdf25a412c9f08bba871733eb9785c338fa7f099d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 103
Content-Type: image/png

GET
H2 200 / Show response
aim-tag.hcn.health/api/v4/aim-reader/hcp/d6c152a0-d7cf-11ee-915f-41bdfa85d2d4/ Frame 4907 468 B
538 B 76ms
73ms XHR
application/json 18.213.175.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/api/v4/aim-reader/hcp/d6c152a0-d7cf-11ee-915f-41bdfa85d2d4/?data=eyJjbGllbnRBcGlLZXkiOiI5NjVmM2RiNC1lMDRmLTQxZmYtODk4OS1hNmRiODM1OTE4OTkiLCJob3N0IjoiZXhjdWVzLnRvcCIsInBhZ2V2aWV3SWQiOiJkNmEyNThmMC1kN2NmLTExZWUtOGViMC02MWZhMmJkN2I5ZTgiLCJwYXRoIjoiLyIsInNlc3Npb24iOnsiaWQiOiJkNmQwZTMwMC1kN2NmLTExZWUtYjQ0OS0wYjYxNjI0OTlkOTUiLCJ0aW1lc3RhbXAiOjE3MDkyOTk4MTUwMDB9LCJ0YWdJZCI6ImQ2YzE1MmEwLWQ3Y2YtMTFlZS05MTVmLTQxYmRmYTg1ZDJkNCIsInRpbWVzdGFtcCI6IjE3MDkyOTk4MTU3MzQifQ%3D%3D&signature=NDk2NDBmYjNjYzQwZjEwNDk4ZjJiYTQyOTkwMzkwNmNjOTBiMzkzZDJmYmU3MWMzYWEzZDEzZjM0ZjM1YjY4Yw%3D%3D
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.175.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-175-137.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 376f338e5c75300e5ff06e3a1f1c48ab1403d0d3f32daf9869ff9cad3cd496ae

Request headers

Referer: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
pageview-id: d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
server: awselb/2.0
content-length: 468
content-type: application/json

POST
H2 202 dom-content-loaded Show response
aim-tag.hcn.health/api/v4/aim-reader/ Frame 4907 0
68 B 80ms
74ms XHR
application/octet-stream 18.213.175.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/api/v4/aim-reader/dom-content-loaded
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.175.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-175-137.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
server: awselb/2.0
content-length: 0
content-type: application/octet-stream

POST
H2 202 dom-content-loaded Show response
aim-tag.hcn.health/api/v4/aim-reader/ Frame 4907 0
68 B 103ms
94ms XHR
application/octet-stream 18.213.175.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aim-tag.hcn.health/api/v4/aim-reader/dom-content-loaded
Requested by: Host: aim-tag.hcn.health
URL: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.175.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-175-137.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aim-tag.hcn.health/iframe.html?client-origin=https%3A%2F%2Fexcues.top&pageview-id=d6a258f0-d7cf-11ee-8eb0-61fa2bd7b9e8&stps=%7B%7D&target=ie11
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Mar 2024 13:30:15 GMT
server: awselb/2.0
content-length: 0
content-type: application/octet-stream

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 603ms
432ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.104.0/bundle.es5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://excues.top
Date: Fri, 01 Mar 2024 13:30:15 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 _itu.png
www.medtargetsystem.com/ Frame 61F8 89 B
396 B 77ms
77ms Image
image/png 3.231.199.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medtargetsystem.com/_itu.png
Requested by: Host: www.medtargetsystem.com
URL: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fexcues.top
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.199.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-199-99.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/7.0.19-1+deb.sury.org~trusty+2
Resource Hash: 2023d33cdcbc92384e340071f2f3a3ccbbd62712f938b15cf1fe823f93cbca59

Request headers

Referer: https://www.medtargetsystem.com/iframe/transition?client-origin=https%3A%2F%2Fexcues.top
Origin: https://www.medtargetsystem.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: private
date: Fri, 01 Mar 2024 13:30:15 GMT
server: Apache/2.4.7 (Ubuntu)
x-powered-by: PHP/7.0.19-1+deb.sury.org~trusty+2
vary: X-Forwarded-Proto
content-type: image/png
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-transform, max-age=0, must-revalidate, private
content-length: 89
expires: -1

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F6D477C269F34DF0998C521C41232621&RedC=c.clarity.ms&MXFR=0A173CB010F562FA1DDB288514F56C56
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F6D477C269F34DF0998C521C41232621&MUID=11D1782C672261760F0A6C19668560A7

42 B
442 B

55ms
55ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F6D477C269F34DF0998C521C41232621&MUID=11D1782C672261760F0A6C19668560A7
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://excues.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:30:15 GMT
last-modified: Fri, 09 Feb 2024 19:57:16 GMT
server: Microsoft-IIS/10.0
etag: "34cccc2e925bda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 13:30:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98302FB3ACEE40158E094E7FE7370C1F Ref B: MIAEDGE2314 Ref C: 2024-03-01T13:30:16Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F6D477C269F34DF0998C521C41232621&MUID=11D1782C672261760F0A6C19668560A7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 55ms
55ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.104.0/bundle.es5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://excues.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://excues.top
Date: Fri, 01 Mar 2024 13:30:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.excues.top/	1970-01-21 04:24:19	Name: chsn_cnsnt Value: excues.top%3AC0001%2CC0002%2CC0003%2CC0004%2CC0005
.excues.top/	1970-01-21 04:24:19	Name: _ga Value: GA1.2.143528500.1709299815
.excues.top/	1970-01-20 18:49:46	Name: _gid Value: GA1.2.343009250.1709299815
.excues.top/	1970-01-21 04:24:19	Name: _pubcid Value: ddf13f8e-c7ec-42ad-a2e2-d64c1a38358e
.excues.top/	1970-01-21 03:33:55	Name: _adb Value: a2lt8oz663Ir7bN7Kqts
.rvohealth.com/	1970-01-21 04:24:19	Name: cohsn_xs_id Value: 82ee7a92-cfb2-4601-9481-db78ce003485
.33across.com/	1970-01-21 03:33:55	Name: check Value: true
.adsrvr.org/	1970-01-21 03:33:55	Name: TDID Value: 417fea54-9a86-4de7-a55d-089564167448
.rkdms.com/	1970-01-21 03:33:55	Name: sessionid Value: h-fd63bc991f374868837fefddf3cac8d6_t-1709299815
.criteo.com/	1970-01-21 04:09:55	Name: partitioned_bundle Value: fkX5g19tQUVzNTclMkZRNlREa0JNZE5kVGNEb0olMkJUaFkxNjFjZnVSQWEzQ0NzMEdyTjc3UklpYkNGMUdjaGtTZHp3RUluMzloa2R3ZzlhaXQwN3hmRE5UUHBRbWtZU0NhTzlIdU9wVkJqQ3dWaHNSM1ZmdFcxT21ia2NJJTJGakNQbE5seGFWag
.excues.top/	1970-01-21 04:09:55	Name: cto_bidid Value: vNbHMF9jTVJvY0FmRkRrQUpCN2l4bUJWbHVkOXl3dCUyRnZIN3FnaXRKQldQczZwSHY3UG8zblFlYTQ5RllXNHlVZDdNNng
.excues.top/	1970-01-21 04:09:55	Name: cto_bundle Value: a7OCBF9tQUVzNTclMkZRNlREa0JNZE5kVGNEb0olMkJUaFkxNjFjZnVSQWEzQ0NzMEdyTjc3UklpYkNGMUdjaGtTZHp3RUluMzloa2R3ZzlhaXQwN3hmRE5UUHBRbWpRT2tKbXhrdmJKczcwUkJGZExRWVklM0Q
.excues.top/	1970-01-20 18:49:46	Name: _uetsid Value: d68f9000d7cf11ee81d59993ed1ab16d
.excues.top/	1970-01-21 04:09:55	Name: _uetvid Value: d68feaa0d7cf11eeaff5776c4a09bcc2
.id5-sync.com/	1970-01-20 20:57:55	Name: 3pi Value:
.id5-sync.com/	1970-01-20 20:57:55	Name: id5 Value: 0d9c7536-43b6-75a6-b365-393a251dbcc3#1709299815290#1
.bing.com/	1970-01-21 04:09:55	Name: MUID Value: 11D1782C672261760F0A6C19668560A7
.bat.bing.com/	1970-01-20 18:58:24	Name: MR Value: 0
www.clarity.ms/	1970-01-21 03:33:55	Name: CLID Value: 7034e527e502490091077be56baf9a5b.20240301.20250301
.www.medtargetsystem.com/	1969-12-31 23:59:59	Name: s-DMDSESSID Value: 57ea8fbc12416f45fb5ee36879d19c07
.excues.top/	1970-01-21 03:33:55	Name: _clck Value: jza9bc%7C2%7Cfjp%7C0%7C1521
aim-tag.hcn.health/	1970-01-21 04:24:19	Name: dmd-tag Value: d6c152a0-d7cf-11ee-915f-41bdfa85d2d4
.hcn.health/	1970-01-21 04:24:19	Name: dmd-tag Value: d6c152a0-d7cf-11ee-915f-41bdfa85d2d4
.aim-tag.hcn.health/	1969-12-31 23:59:59	Name: dmd-sid4 Value: {%22id%22:%22d6d0e300-d7cf-11ee-b449-0b6162499d95%22%2C%22timestamp%22:1709299815000}
.excues.top/	1970-01-21 04:24:19	Name: dmd-tag Value: d6c152a0-d7cf-11ee-915f-41bdfa85d2d4
.excues.top/	1969-12-31 23:59:59	Name: dmd-sid4 Value: {%22id%22:%22d6d0e300-d7cf-11ee-b449-0b6162499d95%22%2C%22timestamp%22:1709299815000}
.aim-tag.hcn.health/	1969-12-31 23:59:59	Name: 965f3db4-e04f-41ff-8989-a6db83591899 Value: {%22lastUpdated%22:1709299815813%2C%22signalData%22:{%22aim_version%22:%224.33.0%22%2C%22event_timestamp%22:%222024-03-01%2013:30:15%22%2C%22country_code%22:%22%22%2C%22country_description%22:%22%22%2C%22dgid%22:%22%22%2C%22first_name%22:%22%22%2C%22identity_type%22:%22UNK%22%2C%22last_name%22:%22%22%2C%22npi_number%22:%22%22%2C%22hcp_type%22:%22%22%2C%22professional_designation%22:%22%22%2C%22primary_specialty_code%22:%22%22%2C%22primary_specialty_description%22:%22%22%2C%22secondary_specialty_code%22:%22%22%2C%22secondary_specialty_description%22:%22%22%2C%22email%22:%22%22%2C%22me_number%22:%22%22%2C%22state%22:%22%22%2C%22zip_code%22:%22%22%2C%22tag_id%22:%22d6c152a0-d7cf-11ee-915f-41bdfa85d2d4%22}}
.c.bing.com/	1970-01-20 18:58:24	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:09:55	Name: SRM_B Value: 11D1782C672261760F0A6C19668560A7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:09:55	Name: MUID Value: 11D1782C672261760F0A6C19668560A7
.c.clarity.ms/	1970-01-20 18:58:24	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:48:20	Name: ANONCHK Value: 0
.excues.top/	1970-01-20 18:49:46	Name: _clsk Value: 7mhzse%7C1709299816378%7C1%7C0%7Ct.clarity.ms%2Fcollect

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://excues.top/(Line 8772) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://excues.top/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://excues.top/ Message: The resource https://assets.medicalnewstoday.com/fonts/proxima/v1/38C507_0_0.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspsp.com
aim-tag.hcn.health
api.rlcdn.com
assets.medicalnewstoday.com
bat.bing.com
browser.sentry-cdn.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
cdn.confiant-integrations.net
cdn.rvohealth.com
cdnjs.cloudflare.com
excues.top
gtm-server.healthline.com
gum.criteo.com
i0.wp.com
id2.sv.rkdms.com
id5-sync.com
ingest.make.rvohealth.com
js-sec.indexww.com
js.sentry-cdn.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
o62581.ingest.sentry.io
prod.adspsp.com
pub.doubleverify.com
rvo-cohesion.medicalnewstoday.com
securepubads.g.doubleclick.net
skyliie.top
t.clarity.ms
www.clarity.ms
www.google-analytics.com
www.medtargetsystem.com
104.18.38.76
108.138.115.149
108.138.128.36
141.95.98.64
15.197.193.217
18.164.96.49
18.213.175.137
192.0.77.2
20.110.205.119
20.114.189.70
2600:9000:21ea:3800:c:35f5:3e80:93a1
2606:4700:3030::ac43:ae6d
2606:4700:3033::6815:54a4
2606:4700:4400::6812:2b5a
2606:4700::6811:190e
2606:4700::6812:a7e0
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2620:100:a001::c
2620:1ec:46::40
2620:1ec:c11::200
2a04:4e42:600::729
3.231.199.99
34.107.165.188
34.120.195.249
34.195.135.174
34.209.170.201
34.239.70.3
35.244.193.51
52.85.61.114
54.230.163.38
74.119.119.139
02b2df19890650f138f0e23efd81f17db43d425310abf8e5b9d3802e1c8f8ba3
05b5f9bfbf03b668f5b0757d8b20a45b169006293300f8814a3d6797973e24fe
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0f0d3713e115ec71ed28881b8909abe3b8d6a82113aa89a3db35dcac2ea407c1
1026b90837a41c7fb85ee4cec02e2555ed98c61b13a3ff15064d8cd9db2c06ef
19ad31119f7229d7e9bbdbaea96288801cda5c88d6d1a9877955ef28ee6d6c5c
1ba52df372d9c3d542a4b9de0a46887d9dc24070f9f29ac5d4313970e5cfb6bd
1e6ad6aea8a932ea01861a0b2f9cd10272322fdc3e2e9f9277c569393063d4fa
2023d33cdcbc92384e340071f2f3a3ccbbd62712f938b15cf1fe823f93cbca59
292d2d171c50eacd82c2e02a6762e6f36c397c00c71a63663d009c3cb32c0828
3271e5ea57f9fb107c8c23fae709fcb5ab5b440d6813e9ae60c6848221f3d116
35e0d0143b3f552f67dd90cbdf25a412c9f08bba871733eb9785c338fa7f099d
376f338e5c75300e5ff06e3a1f1c48ab1403d0d3f32daf9869ff9cad3cd496ae
39c9e7abd7f903ed38747ee18a45cc77433b5b58030d10360b6c4695c2b9a075
3a582829e2c11dde7e02e0952effb8a8b97770c95705e03ecc82f848cb8684fd
3c4a218599c2e93c9c1673a928e8f321ccd777e6d4593847656ac2bd4dc71311
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b
4a4b299311ad3f5891b5d535bf021b28a55df6ce34324a5ace8bfbe054d2dfbb
50f3c95b55fd50dcf63838f16cfcefcf5bc4a3f2fc172a8ea3c40730bff8689a
5c95b1196f8beeb92f63dd82872bed5624df4938a8c7407337bb5276d8302ad8
5ea5d0c8e0385b9b12a4179b14cadade7f34ff95d10fc68d5c48c5f22e66866c
6054e6bf28a61345ed2c78917233045eac30033394012dec3b3e0ec77516fa93
65b0e9f9d77dc9a761269fe6f4ea7ae129d7a02eccf7235d777fcabcc8c24b2c
66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666
670c7c0c987e050cbe2bf2d7eeb85e2a7148d0bdd32715b1e92bfeefdc9bf174
67df6c60b57ffd18e7dba1993c50ca26fe408e8deb2c58a5eddf2a69b1f012f1
741600c835ba7298e083db591a80517f41ead3663b790eb45d7610dd96065cac
741dcf7ba9a3345bae80174dc00665ded5a3f15c7e7b61da9443aa1b8c7db75e
7522c315958d63769a1449ee12cf43c90be533dabbee9d499d97474bc6549360
79b07c91cbe792cce903a8ccdde66d932bc2f50c36ca3b64ec3ec5d5b70e049d
7a094b6db80666acde205aef2232c3fac3239ffdec06e30bf1f31fce7431f9f5
7bb44cd65a75535f01dc915a45f6ba87be3fd270c8608c7bf4b8ad636a99ec3d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83924fd160f4a55c6ead7d933f18aacf40038671b8da7f16e03c0d67e2384f6f
867ef9bb57a0f455ffb7ed45fcc5799f114e06e353b4177926d1177e6f828fad
86a4cb04b5f640a7a53ffab96e40a9a6e44e8145cdee3196aed61459a9a13d15
8edbaff0f06b9a7dd980e4d8bc65c8a024273d78a7018632ba6969d3cea43c45
923ce7ff9707cac6ad46a29b6c6e3d987b95ab93fa16ee854914dc1681d70697
9684b15468085597ab660c27243da0244a6142d0087ec2591753d027d16cfe80
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0
ac79c5682af9832317007797ce4965c237e4be66673b547005ede7d6a0806353
ad381d9072782dbe5b670426dc2d45f1e3622e95d632d483acda5096b762e515
aded1096d3e8af430f97e9402097f9d4e9eee726f3ee8533c8979ba79b7807e9
c32f16a9b0cc9e0b1de553f082c3ade71d2cdb2b575aadc02e635a47e41b4e17
c60b55dea9f9a4073f54d2addf95e4c2dd5fe8d9b99b39e99d292224496ac310
c62ca5610991a7f7d7d427950ef9e7f9d806c3f1ab851a47f1fa3129a7dbb070
ceaa62994ae70fdc114a98e0ef6d5e88754f2aa5e8ed442d39e9b5c2b278ecce
d6cdd519e37a1a5772149fe37dbd3c63d44c24253be499b3dae7a6ce6f863005
d9db3b571a00db3560328a2d6aceea2e7ab55c2bd8903b4de1ffe1a51f4553cd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd6c4676a2e710a15d8e655b3184a9adbd6e6df7a4a662d294e791bb5f1c940
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e864e16a895b98022682db953abdf7de2967641b3b79d6ae351a4aa3ae45a71d
f5f1849173595cb702aca041196f241208cf37403241d68f72fb8c3ff071b185
f6a7e38cce81a43404ac746aa84ac0235f65180f73517567a8d09648a8ca4096
f74071d4a8436cc22b7e436067a7c97f24b19279ec686dd5e14530818c76e945
f967ed8c3c78f6426a1f80dcdf318d7a607c5b46c63b2d5e7499deba335117f1
ff3e228989a72a5deb2dd58bca29d5c5ca372f73b02673c6afeb1eb9d7345297

excues.top Open in urlscan Pro 2606:4700:3033::6815:54a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

93 %HTTPS

38 %IPv6

26 Domains

34 Subdomains

32 IPs

3 Countries

1511 kBTransfer

4426 kBSize

34 Cookies

14 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

excues.top Open in urlscan Pro
2606:4700:3033::6815:54a4 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

93 %
HTTPS

38 %
IPv6

26
Domains

34
Subdomains

32
IPs

3
Countries

1511 kB
Transfer

4426 kB
Size

34
Cookies

73 HTTP transactions
2 data transactions