Submitted URL: https://www.erasemybackpain.com/hop.php?hop=ivracu&clickid=732418131&subid=823080
Effective URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Submission: On July 11 via manual from US — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 46 HTTP transactions. The main IP is 69.167.152.15, located in United States and belongs to LIQUIDWEB, US. The main domain is www.getbacktolifenow.com.
TLS certificate: Issued by R3 on May 18th 2023. Valid for: 3 months.
This is the only time www.getbacktolifenow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
15 getbacktolifenow.com
getbacktolifenow.com
www.getbacktolifenow.com
217 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
3 MB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
jnn-pa.googleapis.com — Cisco Umbrella Rank: 289
41 KB
4 cbstatic.net
prod.cbstatic.net — Cisco Umbrella Rank: 111590
65 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
static.doubleclick.net — Cisco Umbrella Rank: 348
1 KB
3 gstatic.com
fonts.gstatic.com
46 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
35 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 236
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 126
85 KB
1 bbb.org
seal-boise.bbb.org — Cisco Umbrella Rank: 109565
5 KB
1 fixbackpain.org
cdn.fixbackpain.org
128 KB
1 clickbank.net
cbtb.clickbank.net — Cisco Umbrella Rank: 108553
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
31 KB
1 erasemybackpain.com
www.erasemybackpain.com
171 B
46 14
Domain Requested by
14 www.getbacktolifenow.com 1 redirects www.getbacktolifenow.com
10 www.youtube.com www.getbacktolifenow.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 cdn.jsdelivr.net www.getbacktolifenow.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 yt3.ggpht.com
1 i.ytimg.com
1 seal-boise.bbb.org
1 static.doubleclick.net www.youtube.com
1 cdn.fixbackpain.org www.getbacktolifenow.com
1 cbtb.clickbank.net www.getbacktolifenow.com
1 code.jquery.com www.getbacktolifenow.com
1 fonts.googleapis.com www.getbacktolifenow.com
1 getbacktolifenow.com 1 redirects
1 www.erasemybackpain.com 1 redirects
46 17

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
btlife.pay.clickbank.net
www.backtolifesystem.com
Subject Issuer Validity Valid
webdisk.getbacktolifenow.com
R3
2023-05-18 -
2023-08-16
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
*.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.clickbank.net
Amazon RSA 2048 M01
2023-02-07 -
2024-03-08
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.cbstatic.net
Amazon RSA 2048 M02
2023-02-24 -
2023-09-16
7 months crt.sh
cdn.fixbackpain.org
Sectigo RSA Domain Validation Secure Server CA
2023-05-01 -
2024-05-27
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-26 -
2024-04-25
a year crt.sh
edgestatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Frame ID: 104B83E0DE0CAA4FFEC267FEC6DDF587
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Frame ID: 462FF37ACFA94F5F87400FD640B6B507
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Get Back to Life Now! - Getbacktolife.com

Page URL History Show full URLs

  1. https://www.erasemybackpain.com/hop.php?hop=ivracu&clickid=732418131&subid=823080 HTTP 302
    https://getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080 HTTP 301
    http://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080 HTTP 301
    https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

46
Requests

98 %
HTTPS

73 %
IPv6

14
Domains

17
Subdomains

16
IPs

4
Countries

3274 kB
Transfer

4455 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.erasemybackpain.com/hop.php?hop=ivracu&clickid=732418131&subid=823080 HTTP 302
    https://getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080 HTTP 301
    http://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080 HTTP 301
    https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.getbacktolifenow.com/
Redirect Chain
  • https://www.erasemybackpain.com/hop.php?hop=ivracu&clickid=732418131&subid=823080
  • https://getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
  • http://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
  • https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
26 KB
6 KB
Document
General
Full URL
https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
8fff95624b758efe932f15e6a48d68ad2dea7d966281f42af9019585f41551ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
5752
content-type
text/html; charset=UTF-8
date
Tue, 11 Jul 2023 00:08:25 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
291
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 11 Jul 2023 00:08:24 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Server
Apache
videoplayerstyle.css
www.getbacktolifenow.com/css/
3 KB
708 B
Stylesheet
General
Full URL
https://www.getbacktolifenow.com/css/videoplayerstyle.css
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
3823ea78d0703d955d775fb3aa30b9048792a4a6e8e9a75d0c188fc69a31b5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Mon, 10 Apr 2023 22:17:13 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
641
contentstyle.css
www.getbacktolifenow.com/css/
835 B
411 B
Stylesheet
General
Full URL
https://www.getbacktolifenow.com/css/contentstyle.css
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
f54d79ad476815fa70e528030d7d7122270a7aa597e6885b5df03618ad9e7e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Mon, 10 Apr 2023 22:17:24 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
356
orderbox.css
www.getbacktolifenow.com/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.getbacktolifenow.com/css/orderbox.css
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
7871a5dabf6d604dcbfde15117ded9059a031d7014080678475b2b57498c91e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Mon, 10 Apr 2023 22:15:21 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1785
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/css/
118 KB
21 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/css/bootstrap.min.css
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.getbacktolifenow.com/
Origin
https://www.getbacktolifenow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 00:08:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
5957589
x-jsd-version
3.3.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21190
x-served-by
cache-fra-eddf8230076-FRA
x-jsd-version-type
version
etag
W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap-theme.min.css
cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/css/bootstrap-theme.min.css
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.getbacktolifenow.com/
Origin
https://www.getbacktolifenow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 00:08:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
599403
x-jsd-version
3.3.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2983
x-served-by
cache-fra-eddf8230076-FRA
x-jsd-version-type
version
etag
W/"5b71-glZXU3T0MEdr3NSd6Yx3mQIpzjE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44a7c357f29cf1b1e5ad83f61da5600507054f5ae0b73f5fae4bec22fb9ca0cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 00:08:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 00:08:25 GMT
jquery-3.6.4.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://www.getbacktolifenow.com/
Origin
https://www.getbacktolifenow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-15ec3"
vary
Accept-Encoding
x-hw
1689034105.dop120.fr8.t,1689034105.cds340.fr8.hn,1689034105.cds057.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
31011
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/js/
36 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/js/bootstrap.min.js
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.getbacktolifenow.com/
Origin
https://www.getbacktolifenow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 00:08:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
3020632
x-jsd-version
3.3.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10608
x-served-by
cache-fra-eddf8230076-FRA
x-jsd-version-type
version
etag
W/"90b5-QwpEPXSDD+m+Ju/KQx9EjBs3QPk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
iframe_api
www.youtube.com/
1006 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba4dde2c5e2251033818c4f743e6bb20635f9c2ea216bd000b7b882bb9bb4e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 11 Jul 2023 00:08:25 GMT
/
cbtb.clickbank.net/
936 B
1 KB
Script
General
Full URL
https://cbtb.clickbank.net/?vendor=btlife
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.102.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-102-248.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
cache-control
max-age=900
server
Apache
content-length
936
content-type
text/javascript;charset=UTF-8
background-new-compress-v2.avif
www.getbacktolifenow.com/images/
8 KB
8 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/background-new-compress-v2.avif
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/contentstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
21430c366101d0f9b4e89fef918f6a5dd57b11476b708a7dde309bfa4d26d306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/contentstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Thu, 13 Apr 2023 19:17:18 GMT
server
Apache
accept-ranges
bytes
content-length
7990
vary
Accept-Encoding
background-new-compress-v2.webp
www.getbacktolifenow.com/images/
25 KB
23 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/background-new-compress-v2.webp
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/contentstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
b0f47b8267c895946de7d5b0e592c083d55c6ce74b13533443d1b28812bdc5e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/contentstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Thu, 13 Apr 2023 19:17:17 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
24012
background-new-compress-v2.jpg
www.getbacktolifenow.com/images/
39 KB
39 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/background-new-compress-v2.jpg
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/contentstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
17dbb5790d94003145941a104bd222a03c97682e7f138e32a8f9e28b2d29e267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/contentstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
last-modified
Thu, 13 Apr 2023 19:17:18 GMT
server
Apache
accept-ranges
bytes
content-length
40132
content-type
image/jpeg
bg-overlay-btl.avif
www.getbacktolifenow.com/images/
16 KB
16 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/bg-overlay-btl.avif
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/videoplayerstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
8aabac4f42bfbe572f1dadbda6d1135b86f9406b6dcbdc63129fafeabfc0abd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/videoplayerstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Thu, 13 Apr 2023 19:17:17 GMT
server
Apache
accept-ranges
bytes
content-length
15996
vary
Accept-Encoding
bg-overlay-btl.webp
www.getbacktolifenow.com/images/
32 KB
31 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/bg-overlay-btl.webp
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/videoplayerstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
027441a6f3f49e3ead0ecfe713fd651fbe36c277620821ce2935577600aa7d61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/videoplayerstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Thu, 13 Apr 2023 19:17:17 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
31801
bg-overlay-btl.png
www.getbacktolifenow.com/images/
42 KB
42 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/bg-overlay-btl.png
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/videoplayerstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
a03f24d4c7a35cc970cdced772352999447285cebd882a880b91eaa629994f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/videoplayerstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
last-modified
Thu, 13 Apr 2023 19:17:15 GMT
server
Apache
accept-ranges
bytes
content-length
42759
content-type
image/png
bg-overlay-btl-mobile.avif
www.getbacktolifenow.com/images/
9 KB
9 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/bg-overlay-btl-mobile.avif
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/videoplayerstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
3d4a94c25a21e66c92d399af96396fc9f272283736c0a94173c609f17fd06d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/videoplayerstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Thu, 13 Apr 2023 19:17:17 GMT
server
Apache
accept-ranges
bytes
content-length
9387
vary
Accept-Encoding
bg-overlay-btl-mobile.webp
www.getbacktolifenow.com/images/
16 KB
16 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/bg-overlay-btl-mobile.webp
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/videoplayerstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
de00fe9deaf74c705759d218ff194a0ce4a55d48565f41538f2dce50da6f05e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/videoplayerstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
content-encoding
br
last-modified
Thu, 13 Apr 2023 19:17:17 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
accept-ranges
bytes
content-length
16338
bg-overlay-btl-mobile.png
www.getbacktolifenow.com/images/
24 KB
24 KB
Image
General
Full URL
https://www.getbacktolifenow.com/images/bg-overlay-btl-mobile.png
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/css/videoplayerstyle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.167.152.15 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.emilylark.com
Software
Apache /
Resource Hash
8e33c644aeb4e3c44a2d06d7d68480438c13488022b58259b0cbd2345569bfa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/css/videoplayerstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:25 GMT
last-modified
Thu, 13 Apr 2023 19:17:15 GMT
server
Apache
accept-ranges
bytes
content-length
24601
content-type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.getbacktolifenow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options
nosniff
age
352338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jul 2024 22:16:07 GMT
www-widgetapi.js
www.youtube.com/s/player/f2f137c6/www-widgetapi.vflset/
203 KB
63 KB
Script
General
Full URL
https://www.youtube.com/s/player/f2f137c6/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9811e7fd34b988c9cdd407f944154f52be1c39c1a3221f68dd583cf875b3450a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 21:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
8957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64337
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 01:48:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jul 2024 21:39:08 GMT
null
www.youtube.com/embed/ Frame 462F
45 KB
13 KB
Document
General
Full URL
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3619efe32f70a3034406dba94d8296e28ae75ca06526ae2deacc54dde1058563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.getbacktolifenow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 00:08:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/f2f137c6/ Frame 462F
376 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/f2f137c6/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd4092bacea7c442fc5033af93696fb2544bc58e71bf9eb40658694fd464f4a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
60447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47941
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 01:48:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jul 2024 07:20:58 GMT
www-embed-player.js
www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/ Frame 462F
311 KB
93 KB
Script
General
Full URL
https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e7450a89e66a53c8e02170ecd4a746fdb98b075d540b0537b79df6f63ffdf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 23:11:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95618
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 01:48:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jul 2024 23:11:08 GMT
base.js
www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/ Frame 462F
2 MB
2 MB
Script
General
Full URL
https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
351f8ad90f9ab93eae3461926df367e60e8bc2a805490a7a6965be7540050daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:21:26 GMT
x-content-type-options
nosniff
age
60419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2425564
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 01:48:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jul 2024 07:21:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/f2f137c6/fetch-polyfill.vflset/ Frame 462F
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/f2f137c6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 22:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
6257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2625
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 01:48:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jul 2024 22:24:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 462F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 00:54:58 GMT
x-content-type-options
nosniff
age
256407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 00:54:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 462F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 20:23:37 GMT
x-content-type-options
nosniff
age
531888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jul 2024 20:23:37 GMT
injectable.js
prod.cbstatic.net/dist/
187 KB
57 KB
Script
General
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=btlife
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
DBaHIT8UGsUZqRguzBVsZ5M9KVktAgU5L_It2uaD95FgCxSoeEsihA==
Chair-Desktop-Fast.mp4
cdn.fixbackpain.org/lander/
127 KB
128 KB
Media
General
Full URL
https://cdn.fixbackpain.org/lander/Chair-Desktop-Fast.mp4
Requested by
Host: www.getbacktolifenow.com
URL: https://www.getbacktolifenow.com/?hop=ivracu&clickid=732418131&subid=823080
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
cloudflare /
Resource Hash
a31408a5bde1673ed37ac98d92ea5a45f99805080d083df708d5d4cbaf107357

Request headers

Referer
https://www.getbacktolifenow.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 11 Jul 2023 00:08:25 GMT
CF-Cache-Status
BYPASS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-130228/130229
Connection
Keep-Alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
130229
Last-Modified
Fri, 31 Mar 2023 00:24:47 GMT
Server
cloudflare
etag
"6426284f-1fcb5"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S74iadofPeY4FJAlvtJQmb8W6%2F05qlxCIOdvqJtJHhwf3ddmuKMoWAixxoCdqIeoQ4ogXnWf56wbVhjMZFfNDnHR5a%2FXQo5XlSb4BnPVzVO%2FS2CdY%2BRHSvnZlkyC9CE7bpI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
video/mp4
X-HW
1689034105.dop123.fr8.t,1689034105.cds056.fr8.shn,1689034105.dop123.fr8.t,1689034105.cds290.fr8.c
Cache-Control
public
Accept-Ranges
bytes
CF-RAY
7b7d96467cfa3aa3-FRA
id
googleads.g.doubleclick.net/pagead/ Frame 462F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
Protocol
H2
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502df45d92556d7e6c5efc41751cd933e304c980626bedca53a4720b4ebb5c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 11 Jul 2023 00:08:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 462F
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 23:59:04 GMT
x-content-type-options
nosniff
age
561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 00:14:04 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 11 Jul 2023 00:08:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 462F
84 KB
39 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cf3f2535957c201b58bf87f121b28b979713da2e9c3273a17d3bcd3420e7bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39620
x-xss-protection
0
embed.js
www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/ Frame 462F
28 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1276c576f6bac7f4ee8863f76468b8c53a3169d557fb2dcdf474e9eda3fd833d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
60418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8141
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 01:48:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 09 Jul 2024 07:21:27 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 11 Jul 2023 00:08:26 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 462F
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce968271007c10ca7a8addcb978ce687cae3eb55541aa1e58021dd90d5bc8199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
app-strings-en.json
prod.cbstatic.net/dist/i18n/
9 B
435 B
XHR
General
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://www.getbacktolifenow.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:27 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin
content-length
9
x-amz-cf-id
FEFugt4_fs4c_yKG13tEQ3xRa3YUYaJuMONE4Opp9Xvn3qAa1Ft0tg==
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/
3 KB
4 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:27 GMT
x-amz-version-id
rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"47cdefc96f75be3d978d4b444737b00e"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3472
x-amz-cf-id
cRmlGXuXUjUb0U0JQRc42zXnaeQlSI-GB-avvHpQj3wN8zqecC5M_A==
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/
4 KB
5 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:27 GMT
x-amz-version-id
65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"c06ae1ecaaf7e0610c68af117658a7e0"
x-cache
Miss from cloudfront
content-type
image/png
content-length
4341
x-amz-cf-id
40U2KgfovEV-BkFBOlxbpAnWTz7O0K2zdN56uAojTIqgMbMZRId-jQ==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/
4 KB
5 KB
Image
General
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
2879dda234a0c535f2038ad9471a248ecb896c5289e84a3e713bf9c65dcc929a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.getbacktolifenow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
last-modified
Fri, 16 Jun 2023 05:55:21 GMT
server
keycdn-engine
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4407
expires
Tue, 11 Jul 2023 04:08:26 GMT
embedded_player
www.youtube.com/youtubei/v1/ Frame 462F
31 KB
19 KB
Fetch
General
Full URL
https://www.youtube.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
360f90f5072b7b04637e68f2f8b1bc6900e1e2ac29f330e4bf2b1448fc414d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20230704.00.00
X-Goog-Visitor-Id
CgtLc1h3NVB6UVZtcyj5urKlBg%3D%3D

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19132
x-xss-protection
0
expires
Tue, 11 Jul 2023 00:08:26 GMT
maxresdefault.jpg
i.ytimg.com/vi/2DHR__dX4Eo/ Frame 462F
84 KB
85 KB
Image
General
Full URL
https://i.ytimg.com/vi/2DHR__dX4Eo/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyhDMA8=&rs=AOn4CLDantlPILZChzRcaE92B1IOn9weYg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7166fa7b72b32cecaecba7abe0a14fd145cfea391fcf67367b3c4561cc9ae153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 00:08:26 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86295
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Jul 2023 02:08:26 GMT
truncated
/ Frame 462F
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
AOPolaTvBWWKVOKNFpPvQb5uKila6qqHVhtoqWJRBk1PqQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 462F
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AOPolaTvBWWKVOKNFpPvQb5uKila6qqHVhtoqWJRBk1PqQ=s68-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dcfd204e36353527009ad309029945a9559532635e37a06cecfb5dd9d6e7bbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 23:28:46 GMT
x-content-type-options
nosniff
age
2380
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3090
x-xss-protection
0
server
fife
etag
"v2d7"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 11 Jul 2023 23:28:46 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 462F
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f2f137c6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Goog-Request-Time
1689034108027
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/null?autoplay=0&controls=0&rel=0&modestbranding=1&showinfo=0&wmode=transparent&playsinline=1&loop=1&enablejsapi=1&origin=https%3A%2F%2Fwww.getbacktolifenow.com&widgetid=1
X-YouTube-Client-Version
1.20230704.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtLc1h3NVB6UVZtcyj5urKlBg%3D%3D
X-YouTube-Ad-Signals
dt=1689034105434&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C894%2C503&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 11 Jul 2023 00:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Tue, 11 Jul 2023 00:08:28 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| getQueryParam function| setCookie function| getCookie string| userDevice function| isiPhone function| handleImageError function| iphoneImageFallback function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerStateChange function| startLoggingCurrentTime function| stopLoggingCurrentTime function| timerPop object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ undefined| Handlebars object| JSON3 undefined| returnExports function| cbtb

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: _x4jG3eAFxQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KsXw5PzQVms
cbtb.clickbank.net/ Name: AWSALBCORS
Value: CUo4Va7PsEdYRliqnAOlK1uGCAHhTx/GN7Rah++fcWD1VCkXjgWfohBXh6vOMxxuD5N0AcjYBueNnB7m+H8G8HLe/kLAwcayCc+aJygFpLOkNbLH4XgmmDO/x2hd

2 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/f2f137c6/www-widgetapi.vflset/www-widgetapi.js(Line 1178)
Message:
Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbtb.clickbank.net
cdn.fixbackpain.org
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
getbacktolifenow.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
prod.cbstatic.net
seal-boise.bbb.org
static.doubleclick.net
www.erasemybackpain.com
www.getbacktolifenow.com
www.youtube.com
yt3.ggpht.com
143.204.215.66
2001:4de0:ac18::1:a:3a
2a00:1450:4001:806::2016
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a04:4e42:400::485
2a0b:4d07:101::1
54.149.102.248
69.16.175.42
69.167.152.15
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
027441a6f3f49e3ead0ecfe713fd651fbe36c277620821ce2935577600aa7d61
1276c576f6bac7f4ee8863f76468b8c53a3169d557fb2dcdf474e9eda3fd833d
17dbb5790d94003145941a104bd222a03c97682e7f138e32a8f9e28b2d29e267
21430c366101d0f9b4e89fef918f6a5dd57b11476b708a7dde309bfa4d26d306
2879dda234a0c535f2038ad9471a248ecb896c5289e84a3e713bf9c65dcc929a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
351f8ad90f9ab93eae3461926df367e60e8bc2a805490a7a6965be7540050daa
360f90f5072b7b04637e68f2f8b1bc6900e1e2ac29f330e4bf2b1448fc414d9c
3619efe32f70a3034406dba94d8296e28ae75ca06526ae2deacc54dde1058563
3823ea78d0703d955d775fb3aa30b9048792a4a6e8e9a75d0c188fc69a31b5b8
3d4a94c25a21e66c92d399af96396fc9f272283736c0a94173c609f17fd06d36
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44a7c357f29cf1b1e5ad83f61da5600507054f5ae0b73f5fae4bec22fb9ca0cd
502df45d92556d7e6c5efc41751cd933e304c980626bedca53a4720b4ebb5c65
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63e7450a89e66a53c8e02170ecd4a746fdb98b075d540b0537b79df6f63ffdf6
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7166fa7b72b32cecaecba7abe0a14fd145cfea391fcf67367b3c4561cc9ae153
7871a5dabf6d604dcbfde15117ded9059a031d7014080678475b2b57498c91e0
7cf3f2535957c201b58bf87f121b28b979713da2e9c3273a17d3bcd3420e7bb6
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
8aabac4f42bfbe572f1dadbda6d1135b86f9406b6dcbdc63129fafeabfc0abd2
8e33c644aeb4e3c44a2d06d7d68480438c13488022b58259b0cbd2345569bfa3
8fff95624b758efe932f15e6a48d68ad2dea7d966281f42af9019585f41551ab
9811e7fd34b988c9cdd407f944154f52be1c39c1a3221f68dd583cf875b3450a
a03f24d4c7a35cc970cdced772352999447285cebd882a880b91eaa629994f63
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a31408a5bde1673ed37ac98d92ea5a45f99805080d083df708d5d4cbaf107357
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
b0f47b8267c895946de7d5b0e592c083d55c6ce74b13533443d1b28812bdc5e7
ba4dde2c5e2251033818c4f743e6bb20635f9c2ea216bd000b7b882bb9bb4e62
ce968271007c10ca7a8addcb978ce687cae3eb55541aa1e58021dd90d5bc8199
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dcfd204e36353527009ad309029945a9559532635e37a06cecfb5dd9d6e7bbe6
de00fe9deaf74c705759d218ff194a0ce4a55d48565f41538f2dce50da6f05e4
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f54d79ad476815fa70e528030d7d7122270a7aa597e6885b5df03618ad9e7e0b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd4092bacea7c442fc5033af93696fb2544bc58e71bf9eb40658694fd464f4a4