useortomed.com Open in urlscan Pro
23.227.38.32 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://useortomed.com/
Effective URL:
https://useortomed.com/
Submission: On October 26 via api (October 26th 2021, 5:44:17 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 29 domains to perform 131 HTTP transactions. The main IP is 23.227.38.32, located in Canada and belongs to CLOUDFLARENET, US. The main domain is useortomed.com.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.

This is the only time useortomed.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 11	23.227.38.32 23.227.38.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a04:4e42:400... 2a04:4e42:400::268	54113 (FASTLY) (FASTLY)
15	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
6	104.198.248.251 104.198.248.251	15169 (GOOGLE) (GOOGLE)
1	52.222.139.97 52.222.139.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:480e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:e4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2770:16:... 2a02:2770:16:0:21a:4aff:fedc:c1bf	196752 (TILAA) (TILAA)
1	2620:2:6000::... 2620:2:6000::bad:dab:cafe	395409 (NEOCITIES) (NEOCITIES)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
16	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	52.0.47.140 52.0.47.140	14618 (AMAZON-AES) (AMAZON-AES)
1	54.233.141.230 54.233.141.230	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:1b9::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1 9	104.84.56.209 104.84.56.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	13.227.220.58 13.227.220.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
1	13.227.220.111 13.227.220.111	16509 (AMAZON-02) (AMAZON-02)
131	31

11 23.227.38.32 (Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

useortomed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a04:4e42:400::268 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.198.248.251 (United States)

ASN15169 (GOOGLE, US)
PTR: 251.248.198.104.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-97.ams50.r.cloudfront.net

www.mercadopago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:480e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.yampi.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:e4f (United States)

ASN13335 (CLOUDFLARENET, US)

api.dsreviews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2770:16:0:21a:4aff:fedc:c1bf (Netherlands)

ASN196752 (TILAA, NL)

myip.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:2:6000::bad:dab:cafe (United States)

ASN395409 (NEOCITIES, US)

rawart.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.16.186.242 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.0.47.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-47-140.compute-1.amazonaws.com

api.mercadopago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.233.141.230 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-233-141-230.sa-east-1.compute.amazonaws.com

api.dooki.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1b9::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.84.56.209 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4616 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.avada.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.243.189.2 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nyc3.digitaloceanspaces.com

empreender.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.227.220.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-58.ams54.r.cloudfront.net

www.mercadolibre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.220.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-111.ams54.r.cloudfront.net

www.mercadolivre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	shopify.com cdn.shopify.com	787 KB
16	tiktok.com analytics.tiktok.com	91 KB
15	jsdelivr.net cdn.jsdelivr.net	112 KB
11	useortomed.com 1 redirects useortomed.com	382 KB
7	google.com 2 redirects www.google.com accounts.google.com	2 KB
6	google.de www.google.de	1 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
6	shopifysvc.com monorail-edge.shopifysvc.com	3 KB
5	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	3 KB
5	mercadopago.com www.mercadopago.com api.mercadopago.com	15 KB
4	mercadolibre.com www.mercadolibre.com	6 KB
4	pinterest.de www.pinterest.de	14 KB
4	google-analytics.com www.google-analytics.com	40 KB
4	taboola.com cdn.taboola.com trc.taboola.com	17 KB
3	googleadservices.com www.googleadservices.com	30 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	pinimg.com s.pinimg.com	19 KB
2	dsreviews.net api.dsreviews.net	18 KB
2	cloudflare.com cdnjs.cloudflare.com	44 KB
1	mercadolivre.com www.mercadolivre.com	821 B
1	digitaloceanspaces.com empreender.nyc3.digitaloceanspaces.com	462 B
1	avada.io cdn1.avada.io	2 KB
1	googleapis.com storage.googleapis.com	10 KB
1	dooki.com.br api.dooki.com.br	680 B
1	shopifycdn.com fonts.shopifycdn.com	23 KB
1	rawart.com.br rawart.com.br	20 KB
1	myip.wtf myip.wtf	364 B
1	yampi.me cdn.yampi.me	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
131	29

	Domain	Requested by
22	cdn.shopify.com	useortomed.com cdn.shopify.com
16	analytics.tiktok.com	useortomed.com analytics.tiktok.com
15	cdn.jsdelivr.net	useortomed.com
11	useortomed.com	1 redirects cdn1.avada.io
6	www.google.de	useortomed.com
6	www.google.com	2 redirects useortomed.com
6	monorail-edge.shopifysvc.com	cdn.shopify.com
4	www.mercadolibre.com	cdn.shopify.com useortomed.com www.mercadolibre.com
4	www.pinterest.de	s.pinimg.com useortomed.com
4	ct.pinterest.com	cdn.shopify.com useortomed.com
4	www.google-analytics.com	cdn.shopify.com useortomed.com www.googletagmanager.com
4	api.mercadopago.com	cdn.shopify.com
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
3	trc.taboola.com	cdn.shopify.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	www.googletagmanager.com	useortomed.com storage.googleapis.com www.googletagmanager.com
2	stats.g.doubleclick.net	cdn.shopify.com
2	s.pinimg.com	cdn.shopify.com s.pinimg.com
2	api.dsreviews.net	useortomed.com
2	cdnjs.cloudflare.com	useortomed.com
1	www.mercadolivre.com
1	accounts.google.com
1	www.pinterest.com	1 redirects
1	empreender.nyc3.digitaloceanspaces.com	useortomed.com
1	cdn1.avada.io	useortomed.com
1	storage.googleapis.com	useortomed.com
1	api.dooki.com.br	cdn.shopify.com
1	fonts.shopifycdn.com	useortomed.com
1	rawart.com.br	useortomed.com
1	myip.wtf	cdn.shopify.com
1	cdn.yampi.me	useortomed.com
1	www.mercadopago.com	useortomed.com
1	cdn.taboola.com	useortomed.com
1	maxcdn.bootstrapcdn.com	useortomed.com
131	34

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.facebook.com
pinterest.com
transparencyreport.google.com
www.instagram.com
orbeecom.com

Subject Issuer	Validity	Valid
useortomed.com R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
www.mercadopago.com DigiCert SHA2 Extended Validation Server CA	`2021-02-22` - `2022-03-01`	a year	crt.sh
*.dsreviews.net R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
wtfismyip.com R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
rawart.com.br R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
api.mercadopago.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2022-02-25`	2 years	crt.sh
dooki.com.br Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-22` - `2022-05-23`	a year	crt.sh
www.mercadolibre.com DigiCert SHA2 Extended Validation Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.mercadolivre.com DigiCert SHA2 Extended Validation Server CA	`2021-02-24` - `2022-02-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://useortomed.com/
Frame ID: B345D33438B9561312F40045ACD730D4
Requests: 124 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 719A85AF4792FDC59346919E21A9C1AF
Requests: 4 HTTP requests in this frame

Frame: https://www.mercadolibre.com/jms/lgz/background?dps=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30
Frame ID: DA5C3AE0F25A3BC14ADE4ACE7F824BBA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ortomed

Page URL History Show full URLs

http://useortomed.com/ HTTP 301
https://useortomed.com/ Page URL

Detected technologies

Nuvemshop (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

Nuvem

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

131
Requests

100 %
HTTPS

60 %
IPv6

29
Domains

34
Subdomains

31
IPs

7
Countries

1760 kB
Transfer

3351 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=5522981333516&text=Ola%20Preciso%20de%20ajuda
Title: (22) 98160-4416

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://useortomed.com/products/chinelo-nuvem-confort-ortopedico-plus-no-brasil
Title: Compartilhar com Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://useortomed.com/products/chinelo-nuvem-confort-ortopedico-plus-no-brasil&media=//cdn.shopify.com/s/files/1/0087/3906/1837/products/ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_x1500.jpg?v=1634760023&description=Chinelo%20Nuvem%20Ortop%C3%A9dico%20Comfort%20Plus
Title: Compartilhar com Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Chinelo%20Nuvem%20Ortop%C3%A9dico%20Comfort%20Plus%20-%20https://useortomed.com/products/chinelo-nuvem-confort-ortopedico-plus-no-brasil%20
Title: Compartilhar com Whatsapp

Search URL Search Domain Scan URL

URL: https://transparencyreport.google.com/safe-browsing/search?url=https://useortomed.com%2F&hl=pt_BR

Search URL Search Domain Scan URL

URL: https://www.instagram.com/useortomed/

Search URL Search Domain Scan URL

URL: https://orbeecom.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://useortomed.com/ HTTP 301
https://useortomed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&auid=1121312130.1635270250&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=aj54YcSMH9qNgAeV8KSQDw&sscte=1&crd=&eitems=ChAI8M7eiwYQ3afxtIrIovR7Eh0A5R_u_b4AiCW39rinrKKYKswWvyjI_5CkrhmR4A HTTP 302
https://www.google.com/pagead/1p-conversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&auid=1121312130.1635270250&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aj54YcSMH9qNgAeV8KSQDw&eitems=ChAI8M7eiwYQ3afxtIrIovR7Eh0A5R_u_f86xMzd-1cQf_FPpUcpeM2bClobSAJ7zQ&random=1307214708&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&auid=1121312130.1635270250&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aj54YcSMH9qNgAeV8KSQDw&eitems=ChAI8M7eiwYQ3afxtIrIovR7Eh0A5R_u_f86xMzd-1cQf_FPpUcpeM2bClobSAJ7zQ&random=1307214708&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 95

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

Request Chain 110

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/?random=1635270251646&cv=9&fst=1635270251646&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3Dshopify_BR_6673158602829_39515404402765%2Cshopify_BR_6667603181645_39482549108813%3Becomm_totalvalue%3D389.80&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3Dshopify_BR_6673158602829_39515404402765%2Cshopify_BR_6667603181645_39482549108813%3Becomm_totalvalue%3D389.80&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&is_vtc=1&random=1622936021&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3Dshopify_BR_6673158602829_39515404402765%2Cshopify_BR_6667603181645_39482549108813%3Becomm_totalvalue%3D389.80&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&is_vtc=1&random=1622936021&resp=GooglemKTybQhCsO&ipr=y

131 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
useortomed.com/
Redirect Chain

http://useortomed.com/
https://useortomed.com/

295 KB
37 KB

638ms
579ms

Document
text/html

23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

80c787474f650180d90c719b89f622740a2af300751b1aab91f141b5ecf7119b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: useortomed.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 76
x-sorting-hat-shopid: 8739061837
x-storefront-renderer-rendered: 1
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:09 GMT; secure; HttpOnly _shopify_evids=pv%3D117828794b95bc01b091fad5b84e07671866aa7f79dc8f383ffc09150cf5cadf; path=/ _orig_referrer=; Expires=Tue, 09-Nov-21 17:44:10 GMT; Domain=useortomed.com; Path=/; HttpOnly; SameSite=Lax _landing_page=%2F; Expires=Tue, 09-Nov-21 17:44:10 GMT; Domain=useortomed.com; Path=/; HttpOnly; SameSite=Lax _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:10 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:10 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:10 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:10 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-shopify-request-trackable: true
x-alternate-cache-key: cacheable:01175f1728b2c1eb0b1471a913d14487
x-cache: miss
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 8739061837
x-shardid: 76
vary: Accept
content-language: pt-BR
x-shopify-stage: production
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-request-id: 6a3d34df-f0c3-4d8b-9416-696c66f52256
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a457db37a9735e3-MAN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 26 Oct 2021 17:44:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 76
X-Sorting-Hat-ShopId: 8739061837
X-Storefront-Renderer-Rendered: 1
Location: https://useortomed.com/
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
X-ShopId: 8739061837
X-ShardId: 76
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
X-Request-ID: 3bfb65d5-bf9c-4810-966f-87b7904aef68
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6a457db21a4a54a0-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 all-by-quicklify.min.css
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 0
732 B 62ms
18ms Stylesheet
text/css 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/all-by-quicklify.min.css?v=11160318154034397263

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 1
x-xss-protection: 1; mode=block
x-request-id: 9913f830cb7525b5e09f1a93cf2a26e41a9c673b5dc6f8a464b6aedbc1e3ad39
x-served-by: cache-lga21934-LGA, cache-mxp6958-MXP
last-modified: Wed, 20 Oct 2021 20:20:53 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.155578,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 20 Oct 2022 20:21:14 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/all-by-quicklify.min.css>; rel="canonical"
x-cache-hits: 36, 1

GET
H2 200 all-by-quicklify.min.js Show response
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 0
306 B 63ms
19ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/all-by-quicklify.min.js?v=11160318154034397263

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 1
x-xss-protection: 1; mode=block
x-request-id: aeb877643dafdf12526767a416893cc9dba7c24caaffd53957e10ecec38367a7
x-served-by: cache-lga21930-LGA, cache-mxp6958-MXP
last-modified: Wed, 20 Oct 2021 20:20:57 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.155866,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 04:48:13 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/all-by-quicklify.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 vanilla-lazyload Show response
cdn.jsdelivr.net/npm/ 8 KB
3 KB 80ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

721666d957cce6bee1c45bba4c602b70999853e635f5f4fe9a0e7c201542b5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41046
x-jsd-version: 17.5.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19156-FRA, cache-mxp6960-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2064-oi+c7JJTK/ZiiPmw9llPJzhqJ/I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a457db77aed59b3-MXP

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 67ms
28ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 519076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaOJYmhC%2FOED2YnKlNkpp9DXZiYOeWQLx0QuOFOw7ScruWT%2FwoIxyJatTHNc2cg729f92oFSmXIVfVBvUNYt8gO%2FzD0j%2BHSH3h7EAWYl7dpSoOf6dzjEqwy%2BFGMpi0%2FKT7QMtaUHkZYoPy6F08qQBrFe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a457db76c540e12-MXP
expires: Sun, 16 Oct 2022 17:44:10 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 45ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 514911
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9f7ab357f9488eab14ca15273c4cd1ea
cf-ray: 6a457db7490f703a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
3 KB 40ms
19ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75437
x-jsd-version: 3.5.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db749465bf9-FRA

GET
H2 200 animate.min.css
cdn.jsdelivr.net/npm/animate.css@4.1.1/ 70 KB
6 KB 38ms
18ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/animate.css@4.1.1/animate.min.css

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75340
x-jsd-version: 4.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19143-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"11846-uB7xsi3iavinpGVvVl+8kaaddRg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db749485bf9-FRA

GET
H2 200 splide-core.min.css
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/ 2 KB
656 B 43ms
22ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/css/splide-core.min.css

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f2634a24775898b4af50f16049dc79c9b4d8093d2e541afec4e2a4c1b1b03ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75431
x-jsd-version: 2.4.21
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"60c-S5Zf5dv+87wUe/7sm5U2FFhrrvA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db749475bf9-FRA

GET
H2 200 theme.min.css
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 493 KB
45 KB 62ms
20ms Stylesheet
text/css 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/theme.min.css?v=1588088395238679887

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

03fe804368597b63e2ab2349abde3c4c92be70a5d1848759617d16b4036fc8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 45733
x-xss-protection: 1; mode=block
x-request-id: e7e4e234976c4672f39b32019cbe6e1556ed289fc173d8785663991a70299f9d
x-served-by: cache-lga21933-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 23:05:42 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.155668,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 23:06:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/theme.min.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 custom.css
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 72 B
688 B 61ms
19ms Stylesheet
text/css 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/custom.css?v=8730197348477955219

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

366678e70077cfc1013e97f532acea051e6730caeedd391697400c15af4e57ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 63
x-xss-protection: 1; mode=block
x-request-id: 86b11e9cba2e346b37e9b9f5a788f41b31d64e6fb63a478aef4e57104b0e83ba
x-served-by: cache-lga21930-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 23:05:55 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.155741,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 23:22:53 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/custom.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 9 KB
4 KB 60ms
19ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6974-MXP /

Resource Hash

a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-185,segment4-47496,revision-4eb854e75ebaebbee861b95246c01bb5ae7be00e,cdn-shopify-com-shopifycloud-shopify-assets-storefront-load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb
x-cache: HIT, HIT
content-length: 2777
x-xss-protection: 1; mode=block
x-request-id: d0535f2c9d2ec085668a18bb5a49694cb9bfd178841af8ed998358460da86477
x-served-by: cache-lga13622-LGA, cache-mxp6974-MXP
last-modified: Tue, 18 May 2021 19:26:10 GMT
server: cache-mxp6974-MXP
x-timer: S1635270250.241597,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 26 May 2022 18:27:24 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js>; rel="canonical"
x-cache-hits: 1076, 859816

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 41ms
20ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6974-MXP /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: 823e4d40b20d9e572e38417cb50da26b595a09369a71edf6fb2fa4a04ae2d492
x-served-by: cache-lga21936-LGA, cache-mxp6974-MXP
last-modified: Fri, 16 Oct 2020 15:31:32 GMT
server: cache-mxp6974-MXP
x-timer: S1635270250.241684,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 19 Aug 2022 08:23:49 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 582322, 844707

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1413752/ 54 KB
17 KB 133ms
110ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1413752/tfa.js
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d63f4e6f8e182e2d83617beda498cb57954c6234e0fa9c919c1cd382f9a303d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: dvkt3YGpIQvTGuI78gjmJ9zC8LstElPh
content-encoding: gzip
etag: "c04ad4d352063f1b97d04d6e3175b9c0"
age: 110
x-cache: HIT
x-amz-replication-status: PENDING
fastly-restarts: 1
x-amz-id-2: yYovd9GnzVKEgrowd8A3rYi4piKfwBfgZ9Jb/ikVckMiu2CTNZYk7kLTLvFkml4AO60PfOD7g50=
x-served-by: cache-hhn4074-HHN
accept-ranges: bytes
last-modified: Tue, 26 Oct 2021 08:48:41 GMT
server: AmazonS3
x-timer: S1635270250.236746,VS0,VE102
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
x-amz-request-id: 2VJK6SMDZDQES921
via: 1.1 varnish
cache-control: private,max-age=14401
content-length: 16785
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 3071

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 75ms
39ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCTTTLJ

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76d611e237068f2e08a098e37403bac221055673bc208815d19ab3684b24bb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39440
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Oct 2021 17:44:10 GMT

GET
H2 200 trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js Show response
cdn.shopify.com/s/ 79 KB
17 KB 17ms
17ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

9d6e416cac08217a8c4d1875b0986213ce2a7969a4937320a71ef817720193ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 16869
x-xss-protection: 1; mode=block
x-request-id: a367ba38d3a60312fb990cf65e82dffd459e034242aae79bc00ee55e49002be5
x-served-by: cache-lga13627-LGA, cache-mxp6958-MXP
last-modified: Tue, 26 Oct 2021 17:19:02 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.218135,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 26 Oct 2022 17:20:30 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js>; rel="canonical"
x-cache-hits: 1, 725

GET
H2 200 shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 18ms
18ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2598
x-xss-protection: 1; mode=block
x-request-id: 294e4b48991eb830a2fdf0e273977131b81823e590670d3084c7fab152aaca50
x-served-by: cache-lga21924-LGA, cache-mxp6958-MXP
server: cache-mxp6958-MXP
x-timer: S1635270250.218235,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js>; rel="canonical"
x-cache-hits: 1, 870287

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
475 B 364ms
112ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://useortomed.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: eda38853-05df-4e72-9ff4-1d95cc86dc08

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
15 KB 26ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1645814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15508
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yti5%2FxbecbtZeQZyAczWzVerqaXrPfRhngyg14wHycrjXei2EZHVbmczUkTk8osgflDKoJ0X34i4ymIFrcJNuu1R6P6Iy0hglyU7jlPQo0IuOOu1z8Obk0rSOOY%2BerqrStht37jp0eB0dVuo8qEykG3C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a457db83dc90e12-MXP
expires: Sun, 16 Oct 2022 17:44:10 GMT

GET
H2 200 Slide_Mobile_Esquenta_Black_1600x1600_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/files/ 209 KB
210 KB 237ms
236ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/files/Slide_Mobile_Esquenta_Black_1600x1600_crop_center.jpg?v=1635268272

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

4c1015de48a2b05973e60ded5d34b2b0369e61fcde5a4ece30956116ec86e4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
content-length: 214096
x-xss-protection: 1; mode=block
x-request-id: f20640276a7ae1d4687a2a0415610d0aa5ae99a2f0814fd5cae9f2ad8d5935a7
x-served-by: cache-lga13623-LGA, cache-mxp6958-MXP
last-modified: Tue, 26 Oct 2021 17:11:12 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.275722,VS0,VE218
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 26 Oct 2022 17:11:12 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/files/Slide_Mobile_Esquenta_Black_1600x1600_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Slide_PC_Esquenta_Black_1600x1600_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/files/ 184 KB
184 KB 137ms
136ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/files/Slide_PC_Esquenta_Black_1600x1600_crop_center.jpg?v=1635268239

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

c3bee6a337eb872bc6884fc56382decb2008e7d725f70b088769f925be9c9118

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
content-length: 188038
x-xss-protection: 1; mode=block
x-request-id: 47edb2ca01cf86c96aa4fa062f633db443febfd9b29eecf04e149bc1c3cc8a7d
x-served-by: cache-lga21936-LGA, cache-mxp6958-MXP
last-modified: Tue, 26 Oct 2021 17:10:40 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.275867,VS0,VE117
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 26 Oct 2022 17:10:40 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/files/Slide_PC_Esquenta_Black_1600x1600_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 87 KB
31 KB 32ms
30ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75437
x-jsd-version: 3.5.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19178-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bb05bf9-FRA

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 18ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75436
x-jsd-version: 1.16.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19181-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bb75bf9-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 62 KB
15 KB 18ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75432
x-jsd-version: 4.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bb95bf9-FRA

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.5.7/dist/ 67 KB
22 KB 25ms
22ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75433
x-jsd-version: 3.5.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bba5bf9-FRA

GET
H2 200 bootstrap-input-spinner.min.js Show response
cdn.jsdelivr.net/npm/bootstrap-input-spinner@1.16.9/src/ 5 KB
2 KB 27ms
25ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-input-spinner@1.16.9/src/bootstrap-input-spinner.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548e489a36baae30056284559def410a8f6ef127e617d292fe131d1937fc7f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75394
x-jsd-version: 1.16.9
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1567-XDOHcicoJMXLobBd3wLy0+nz9dk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bbb5bf9-FRA

GET
H2 200 splide.min.js Show response
cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/ 28 KB
11 KB 21ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@splidejs/splide@2.4.21/dist/js/splide.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75432
x-jsd-version: 2.4.21
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7170-eq1ZE4HBpvEGZCwKn41rAbub2NI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bbd5bf9-FRA

GET
H2 200 infiniteslidev2.min.js Show response
cdn.jsdelivr.net/npm/infiniteslidev2@2.0.1-1/ 2 KB
1 KB 24ms
22ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/infiniteslidev2@2.0.1-1/infiniteslidev2.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4cdb083e0605dbbd606f0cfa4bf80972ceec3e0cd3f18218327af3af1ce5f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75029
x-jsd-version: 2.0.1-1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19136-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"967-aXEzGWlHYhS2IMm2+ppRaKMn6I4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bc05bf9-FRA

GET
H2 200 enter-view.min.js Show response
cdn.jsdelivr.net/npm/enter-view@2.0.1/ 3 KB
1 KB 28ms
25ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/enter-view@2.0.1/enter-view.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baeeba36ad2be508459d5a738071f6d2bd7c1b4388d293ede8ef40a966c1beac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75029
x-jsd-version: 2.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19180-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"afe-6rvx+iFka6xepBXnlqzPhcZ1z/8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bc25bf9-FRA

GET
H2 200 jquery.timeago.min.js Show response
cdn.jsdelivr.net/npm/timeago@1.6.7/ 4 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/timeago@1.6.7/jquery.timeago.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd07bab282afa136ce4e10506062bd369199a01cd307a6a198de15cb02921a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75423
x-jsd-version: 1.6.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19130-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"f76-lw01rFNA675JlrxheNGU3I3Ucgo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bc55bf9-FRA

GET
H2 200 dayjs.min.js Show response
cdn.jsdelivr.net/npm/dayjs@1.10.4/ 6 KB
3 KB 23ms
21ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/dayjs@1.10.4/dayjs.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353b11e123a6dd81df26b9ab9af06d118a9f43a8d0e72bc428c86041edc3225d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75397
x-jsd-version: 1.10.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19147-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"191b-Bi8YVBQW7k4mzBBBVZYzvglQcSM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bc85bf9-FRA

GET
H2 200 theia-sticky-sidebar.min.js Show response
cdn.jsdelivr.net/npm/theia-sticky-sidebar@1.7.0/dist/ 5 KB
2 KB 27ms
25ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/theia-sticky-sidebar@1.7.0/dist/theia-sticky-sidebar.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75393
x-jsd-version: 1.7.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19133-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1535-GPQWoTj8W89HhlhctVqNRq+ZdqY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a457db84bd85bf9-FRA

GET
H2 200 api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 6 KB
2 KB 20ms
18ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 1583
x-xss-protection: 1; mode=block
x-request-id: 6d7442241b382e1deaed91c2a511e34e5f30adeccbca4cfe7036cce9638191e9
x-served-by: cache-lga21979-LGA, cache-mxp6958-MXP
last-modified: Fri, 16 Oct 2020 15:50:09 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.290856,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 09 Jun 2022 04:19:51 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js>; rel="canonical"
x-cache-hits: 8481, 118196

GET
H2 200 theme.min.js Show response
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 65 KB
12 KB 21ms
19ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/theme.min.js?v=13168927336804899355

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

4895481db11bac35c81e7f1ce384014efe67c31bcc2e05dd9aada69c3a45cb67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 11482
x-xss-protection: 1; mode=block
x-request-id: c2cf13694e19e7387278ce3d60b09461f11159acdb1d8343c5cc3a2912ef0931
x-served-by: cache-lga21925-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 23:05:42 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.290958,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 07:36:05 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/theme.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 custom.js Show response
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 27 B
643 B 21ms
20ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/custom.js?v=8783598748250584370

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

4b5cfaae36eb194514bcb87c2ed911962995db479ed9d14577eca215d69d04b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 31
x-xss-protection: 1; mode=block
x-request-id: 4e18aa965b054d0116b7088eca823be8492109ab464db2a0ff8521cc1924e4c3
x-served-by: cache-lga21956-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 23:05:31 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.291019,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 23:06:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/custom.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 security.js Show response
www.mercadopago.com/v2/ 4 KB
2 KB 442ms
356ms Script
application/javascript 52.222.139.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadopago.com/v2/security.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.97 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-97.ams50.r.cloudfront.net

Software

Resource Hash

f57c7212fd3c303c5a79e95d877d401f9c60345229d95e925e8b83db8f480396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-meli-trace-site: UNKNOWN
date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-d2id: 8b6db1ca-0ff3-48e0-ad86-cafc2d7b8c2c
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
x-transaction-name: get_off_widget
x-meli-trace-platform: /web/desktop
x-xss-protection: 1; mode=block
x-request-id: 8b6db1ca-0ff3-48e0-ad86-cafc2d7b8c2c
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-meli-trace-bu: mercadopago
x-amz-cf-id: 6UdL72Hesn9DiKzL5T0s6yZY3c5VwcBkjuJXSEsPiUbLvyUGPPkA5A==
x-request-device-id: 8b6db1ca-0ff3-48e0-ad86-cafc2d7b8c2c

GET
H2 200 checkout.css
cdn.yampi.me/shopify/ 1 KB
1 KB 107ms
29ms Stylesheet
text/css 2606:4700:20::ac43:480e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yampi.me/shopify/checkout.css
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:480e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e9e686baf87a3c5b76f0e70e726cd63dcd253314d9874c1bd75f377647a9b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: J95CC5Y7QAKDE8G8
x-amz-id-2: vAOC/Jz6g6hHcjw8l3OwbAOQnQ8kzuxUeFZAGRKs8xZOyXy03Rm2+hpeJ6jGxEwFXZtUOincPU8=
last-modified: Fri, 25 Jun 2021 14:50:03 GMT
server: cloudflare
etag: W/"c2ba47573d691e982c0cd58f4250b98d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP37iHIdS4rgiAHJsiRoi1TLxZXydkVYN4BF2K9gH7kY%2B5VnaSL%2B3XwD7ORXbyUfgAjxHuPIVEgKAyu3UZNtivHhjFyAUN%2BsgkoeU1DyzGcGzxgbmIJ4gtTjUGSSPbWfQ%2BcNwmZ4q2%2BmPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
x-amz-version-id: jEBlAt3V9PU9nObT5J4I3SpI0zpOsB6S
cf-ray: 6a457db8ce5559a7-MXP

GET
H2 200 style.min.css
api.dsreviews.net/css/ 55 KB
10 KB 74ms
17ms Stylesheet
text/css 2606:4700:3035::6815:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dsreviews.net/css/style.min.css
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551850dd17c78bbfb877107259be202f47e05bb56a306f552b8525d6cc28c1dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Oct 2021 04:40:43 GMT
server: cloudflare
age: 3507
etag: W/"617786cb-da6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IryNNbkypMhUBQpJBTxReuvBgcQnxnvTuUU34HIDaxGTg9%2FnKkTVyY1ezPlWL%2BlwMRSwZ0u2dhExXb9Qd0AAK8g0mQCSuFAxVN%2BrpXECNsDlxX9d00N4X2MTw271O0SDPYqOu5XCGTEa6SuTWwD%2F3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a457db8adea6907-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.min.js Show response
api.dsreviews.net/js/ 48 KB
8 KB 75ms
19ms Script
application/javascript 2606:4700:3035::6815:e4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dsreviews.net/js/app.min.js
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbfb9b1e0ed9a7f0b35a2612d6de14d593bc1eec5cc608c1c154a807fc12cbf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Oct 2021 12:06:51 GMT
server: cloudflare
age: 2142
etag: W/"616428db-c01b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HX5rjq8rnl2vSL6UQk68caTPCq42l44LgLKvjTAHnO2W%2B9WQe3JB7bbhxORiKBet%2F%2Fe7kK2kSpo2JvI8IhXLbNJYyJFYNaUxSO7VO9HyTW%2BAJdmN5PifzBtytAtFNVrExiyTZniV%2F5lRkzNqSCZJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a457db8adef6907-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 json Show response
myip.wtf/ 272 B
364 B 283ms
119ms XHR
application/json 2a02:2770:16:0:21a:4aff:fedc:c1bf
TILAA

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.wtf/json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2770:16:0:21a:4aff:fedc:c1bf , Netherlands, ASN196752 (TILAA, NL),
Reverse DNS
Software: /
Resource Hash: fd059498e1e492ce4882db0db68d1431a6d44876ed6620670243c1cb693b983f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Oct 2021 17:44:10 GMT
content-length: 272
access-control-allow-methods: GET
content-type: application/json

GET
H2 200 icomazon.png
rawart.com.br/img/PNG/ 20 KB
20 KB 65ms
18ms Image
image/png 2620:2:6000::bad:dab:cafe
NEOCITIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawart.com.br/img/PNG/icomazon.png

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:2:6000::bad:dab:cafe , United States, ASN395409 (NEOCITIES, US),

Reverse DNS

Software

neocities /

Resource Hash

3b48af9153e92423d79f2d3bdc3e0b15e482ceb87e5c3ce3af5bd6f593cead9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
Strict-Transport-Security	max-age=16416000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
last-modified: Tue, 19 Oct 2021 00:29:15 GMT
server: neocities
upgrade-insecure-requests: 1
etag: "616e115b-4f48"
strict-transport-security: max-age=16416000; includeSubDomains
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-neocities-cdn: cdn-fra
content-security-policy: upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
accept-ranges: bytes
content-length: 20296
x-cached: HIT

GET
H2 200 montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
23 KB 25ms
19ms Font
font/woff2 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2?h1=dXNlb3J0b21lZC5jb20&hmac=07601e11d2e2d75c8045cc9acd4bc79d269da0b43057f7cb36f69410239f2e1a
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
via: 1.1 varnish
age: 11978700
x-guploader-uploadid: ABg5-UwdV9-HIJAtPYE6Tva4K2Pd_o4z_lQhpyzasmOqYBXLGp00ui1RlMLiLLGpwmtdZuwiAEzwxqSL1PZs7vjmJM8
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22716
x-request-id: a3db58f3a6ad20193f14a2f863058ffd7411fa3a679727d1b978c5174551dd7b
x-served-by: cache-mxp6974-MXP
last-modified: Fri, 12 Mar 2021 19:42:32 GMT
server: UploadServer
x-timer: S1635270250.344288,VS0,VE0
etag: "2b2b7174f2b09919c27c5fd48454e722"
x-goog-hash: crc32c=zel/7g==, md5=KytxdPKwmRnCfF/UhFTnIg==
content-type: font/woff2
access-control-allow-origin: *
expires: Fri, 10 Jun 2022 02:19:10 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 219218

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 70ms
48ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCTTTLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14430
x-xss-protection: 0
server: cafe
etag: 16924264664223707549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 17:44:10 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 132 KB
39 KB 296ms
201ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 971cb189b352a278e3458f0481bd92e6369e2dbdb1f1153e9e123b7c1c8916b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id: c0e59e10.3d701581
date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-81-138-79.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 161,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=157, origin; dur=5, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202110261744100102450232211A05ED94
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,104.81.138.79
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761fc688e834327f8b6c8e7d6eeacc020318ec1de46f5dfe0574d51a6d7f537163fa52bef579389b6e0f917c07c34dd8d11eaab945983042cf31195c1458c8910db1087876c07d55614b03896b60f1daa53d216bb80d48dc0193d53c95a8d5d98528
expires: Tue, 26 Oct 2021 17:44:10 GMT

GET
H2 200 blank.png
cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/ 46 B
699 B 106ms
106ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/blank.png?v=3312587738922691514

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

5d58c994e141ae6b8fe292184155e6a136566ef6965b9c87780c3ec6081a0b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
content-length: 46
x-xss-protection: 1; mode=block
x-request-id: 7bbbb4ca6294cfe22b5958d6ec7b349fda04d64e4e9adf49591065b32e6d04f2
x-served-by: cache-lga21968-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 23:06:33 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.387412,VS0,VE89
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 23:06:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/t/14/assets/blank.png>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_480x480_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/products/ 50 KB
51 KB 208ms
207ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/products/ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_480x480_crop_center.jpg?v=1634760023

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

38b694f54a46f04a1aea062e78e816742a63f586da5fb402e99e902bb4767c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 51586
x-xss-protection: 1; mode=block
x-request-id: 600223f1f81c213666744be8883cfbdc4b8a08d0de0e58d83b3c571edb0d4a6b
x-served-by: cache-lga21953-LGA, cache-mxp6958-MXP
last-modified: Wed, 20 Oct 2021 20:00:45 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.451157,VS0,VE188
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 20 Oct 2022 20:00:45 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/products/ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_480x480_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 product-image-1630784992_480x480_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/products/ 31 KB
32 KB 22ms
21ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/products/product-image-1630784992_480x480_crop_center.jpg?v=1634000166

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

d02ba41ef7d594a81e4c6e7728b69f8727417da58dfdfe7a6ecf1f83416b37da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 31948
x-xss-protection: 1; mode=block
x-request-id: 6071a86fc4e0548a62688e0eb99e3d295722f4dfca6e9e3832f86e565869a429
x-served-by: cache-lga21926-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 22:30:23 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.451340,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 22:30:23 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/products/product-image-1630784992_480x480_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 product-image-1228518743_480x480_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/products/ 55 KB
56 KB 22ms
21ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/products/product-image-1228518743_480x480_crop_center.jpg?v=1633916410

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

8c6108e6c6ea11c3e1e3c48d97cb5dba341879cc1e1c330337bd930122e92991

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 56664
x-xss-protection: 1; mode=block
x-request-id: 422ee7d61aad4fac113a8288f8e87bf24f7e61ec6c912fd4f3b03e63cf4a6588
x-served-by: cache-lga21948-LGA, cache-mxp6958-MXP
last-modified: Sat, 16 Oct 2021 22:30:54 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.451362,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 16 Oct 2022 22:30:54 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/products/product-image-1228518743_480x480_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 TenisOrtopedicoGel_5_480x480_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/products/ 35 KB
36 KB 20ms
20ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/products/TenisOrtopedicoGel_5_480x480_crop_center.jpg?v=1634760063

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

13d8f7f6f4f89fa6b27b804672a398a29a6416d33bf9e9a5fb4b1c0f5509b8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 36330
x-xss-protection: 1; mode=block
x-request-id: 5eb3828fd0ad79efc07eef3a964eac7a71a3e8d07e9b22b36b3fa764e645957e
x-served-by: cache-lga21973-LGA, cache-mxp6958-MXP
last-modified: Thu, 21 Oct 2021 08:15:03 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.451423,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 08:15:03 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/products/TenisOrtopedicoGel_5_480x480_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_640x640_crop_center.jpg
cdn.shopify.com/s/files/1/0087/3906/1837/products/ 86 KB
86 KB 20ms
20ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/products/ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_640x640_crop_center.jpg?v=1634760023

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

6c443f7834079c228539e025533a315eb6727ccf9f9b94860ad1fdbfc2033107

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 87560
x-xss-protection: 1; mode=block
x-request-id: 5318fe6cce6e4103f3fbcf29fa3624df4a5f219e387eccb596649964aba79924
x-served-by: cache-lga21978-LGA, cache-mxp6958-MXP
last-modified: Thu, 21 Oct 2021 10:09:37 GMT
server: cache-mxp6958-MXP
x-timer: S1635270250.467551,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 10:09:37 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/products/ChineloNuvemLaranja_809489af-d190-468c-9aa5-78a1e5622814_640x640_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 204 unip Show response
trc.taboola.com/1413752/log/3/ 0
261 B 23ms
17ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1413752/log/3/unip?en=page_view&tim=1635270250472&ref=null&cv=20211026-3-RELEASE&tos=2&ssd=1&scd=32&mrir=u&vi=1635270250468
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635270250.482671,VS0,VE9
x-served-by: cache-hhn4074-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://useortomed.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/ 2 KB
2 KB 65ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/?random=1635270250495&cv=9&fst=1635270250495&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b16deb371d87be0408746efde7c55dfb00b167c227610da840f128b623cbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 986
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/397309586/ 2 KB
1 KB 18ms
17ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/397309586/?random=1635270250499&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&auid=1121312130.1635270250&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

40d8b12a7c01c103dcaa5145dbe2123d1e65819b728d159e61a17094649bc94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1180
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/397309586/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
108 B

30ms
29ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&auid=1121312130.1635270250&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aj54YcSMH9qNgAeV8KSQDw&eitems=ChAI8M7eiwYQ3afxtIrIovR7Eh0A5R_u_f86xMzd-1cQf_FPpUcpeM2bClobSAJ7zQ&random=1307214708&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/397309586/?random=1489117009&cv=9&fst=1635270250499&num=1&value=0&label=BdMrCNfSmfcCEJLtub0B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&auid=1121312130.1635270250&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aj54YcSMH9qNgAeV8KSQDw&eitems=ChAI8M7eiwYQ3afxtIrIovR7Eh0A5R_u_f86xMzd-1cQf_FPpUcpeM2bClobSAJ7zQ&random=1307214708&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/397309586/ 42 B
519 B 66ms
26ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/397309586/?random=1635270250495&cv=9&fst=1635267600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&fmt=3&is_vtc=1&random=689262824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/397309586/ 42 B
519 B 80ms
40ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/397309586/?random=1635270250495&cv=9&fst=1635267600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&fmt=3&is_vtc=1&random=689262824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 193ms
192ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 198ms
197ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id: 2391437f.3d70170c
date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-52-40-70.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 172,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=19, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 20211026174410010245243099062666A8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.52.40.70
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f0e34b2e30abaebafc9156e46958cf79922c41b39b4aee40752c75d8ab96c0e9222dbc22de2be5fb299d88453ffaf7c7747884852e0730750d4b9fe40e601d1f4f8b5dc67184cd515f127fe0406c8bc3ea4361461935c241c5d7d071df2fe7218
expires: Tue, 26 Oct 2021 17:44:10 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 191ms
191ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 203ms
203ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 216ms
216ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 240ms
240ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 247ms
246ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 240ms
240ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5KQOKL1T98720DVTST0&hostname=useortomed.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1e1661a31f15d5ee075ef612ca2af1f5699ea6182b0fcface9ffa423d2831c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-akamai-request-id: 6860ccba.3d7017a8
date: Tue, 26 Oct 2021 17:44:10 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-52-40-71.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 159,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=5, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202110261744100102452480040E051873
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.52.40.71
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f0e34b2e30abaebafc9156e46958cf7992184abb28946150a90e1a6e7cdeb9eacc7941a673735a8703aeb26d7bb2aa891e3a361670c3f9241dfcb5ee7e1ae440d5bac35e6c299ab94ad5163affefcd8bf55d8cf891ae4fced7c94d1082ce30d79
expires: Tue, 26 Oct 2021 17:44:10 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 274ms
274ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 251ms
251ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

OPTIONS
H2 200 web_device
api.mercadopago.com/v1/device_sessions/ Frame 0
0 340ms
112ms Preflight
application/json 52.0.47.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/web_device

Protocol

Server

52.0.47.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-47-140.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://useortomed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-type: application/json;charset=utf-8
x-request-id: a2ab28c3-9e52-4ea3-b9bb-56ca4b9c73ab
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-29,x-trace-digest-keys
x-source-ip: 185.232.23.182
x-trace-source: fury_app
x-trace-digest-29: mDNadQqMb4kpInNp6S0mdpDwKkX59amsxgMN+l318oHLcqS0D9KVwUmbdsQXHjBy
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: https://useortomed.com
vary: accept,accept-encoding
cache-control: max-age=0
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-max-age: 86400
timing-allow-origin: *

POST
H2 200 web_device Show response
api.mercadopago.com/v1/device_sessions/ 36 KB
12 KB 168ms
168ms XHR
application/json 52.0.47.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/web_device

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.47.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-47-140.compute-1.amazonaws.com

Software

Resource Hash

b0c29bd1f9a7895853e3028253ff3da8b8bc5ac2c930eda1c441412ee7dbda3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-digest-65: bfy5kCUIzPie72G6RKYkpqPxQs1xnO8cc4LTStfGGXbm1MLqoESocUyA71x/dpzF
access-control-max-age: 86400
strict-transport-security: max-age=16070400; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-source-ip: 185.232.23.182
x-trace-source: fury_app
x-request-id: 0ae4b17c-c4be-4a62-a2a7-1e67fea7f327
vary: accept,accept-encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://useortomed.com
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-65,x-trace-digest-keys
cache-control: max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 status Show response
api.dooki.com.br/v2/public/shopify/ 74 B
680 B 739ms
277ms XHR
application/json 54.233.141.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dooki.com.br/v2/public/shopify/status?shop=useortomed.com

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.233.141.230 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-233-141-230.sa-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a218eac84026fc65e96842217d0ba9fea271329a3a93db13199a926c8e5cd48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"773b17117bf4c23ab6e72e69a8dfbca36235ecc9"
x-frame-options: SAMEORIGIN
x-protected-by: Sqreen
access-control-allow-origin: https://useortomed.com
cache-control: no-cache, private
content-type: application/json
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 4 KB
2 KB 19ms
19ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6974-MXP /

Resource Hash

895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://useortomed.com/
Origin: https://useortomed.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 1475
x-xss-protection: 1; mode=block
x-request-id: 49639315edf895cb1a86d3af4998361974d6aac926dd3572bb8a43a1d4013e8d
x-served-by: cache-lga21946-LGA, cache-mxp6974-MXP
server: cache-mxp6974-MXP
x-timer: S1635270251.750270,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits: 1950, 1125

GET
H2 200 Ortomed_logo_2_b7d698b5-a565-4aaf-8fe0-cfe4ba5096d2.png
cdn.shopify.com/s/files/1/0087/3906/1837/files/ 16 KB
16 KB 19ms
19ms Image
image/webp 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0087/3906/1837/files/Ortomed_logo_2_b7d698b5-a565-4aaf-8fe0-cfe4ba5096d2.png?v=1634007761

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

3bba55dc798e509bfc310dd0da6cb1d6cffb0c9e5e5878b60fbfef1ba8c17876

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 16038
x-xss-protection: 1; mode=block
x-request-id: 823a9fe545e38ea960ddeae585a3c6f2fa7059f7bbc2fe8e568c6404e18daf3e
x-served-by: cache-lga21957-LGA, cache-mxp6958-MXP
last-modified: Thu, 21 Oct 2021 05:40:46 GMT
server: cache-mxp6958-MXP
x-timer: S1635270251.767741,VS0,VE1
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 21 Oct 2022 05:40:46 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0087/3906/1837/files/Ortomed_logo_2_b7d698b5-a565-4aaf-8fe0-cfe4ba5096d2.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6184
date: Tue, 26 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 18:01:06 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
833 B 177ms
127ms Script
application/javascript 2a02:26f0:7100:1b9::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b9::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 51fc1796-104.126.36.214
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
17 KB 18ms
18ms Script
application/javascript 2a04:4e42:400::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::268 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-mxp6958-MXP /

Resource Hash

886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 17388
x-xss-protection: 1; mode=block
x-request-id: 183a6c47aa2bf7f20b5acc6044990c13c6c0dc35eed5fa128362ed60aa25bc62
x-served-by: cache-lga21956-LGA, cache-mxp6958-MXP
last-modified: Thu, 12 Aug 2021 17:22:53 GMT
server: cache-mxp6958-MXP
x-timer: S1635270251.784134,VS0,VE0
date: Tue, 26 Oct 2021 17:44:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 26 Aug 2022 05:06:12 GMT
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 1099616, 1034121

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
474 B 113ms
112ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://useortomed.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: f0b422d3-6aab-4b2a-ad61-cb9fc889a636

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
474 B 113ms
113ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://useortomed.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 6dd0bf41-2762-45f2-9082-1a00be284812

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
474 B 113ms
113ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://useortomed.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: ada0b94e-8f5d-4d5a-86f6-74e1728ddd23

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
474 B 120ms
120ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.9cec0de8974d3f95141d78e7a80a1e5da9433999.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 17:44:10 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://useortomed.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: a2f7229f-526b-4726-8fcf-d2cded53f3e5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
412 B 81ms
23ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-208898399-1&cid=1468240983.1635270251&jid=1284377476&gjid=2048323904&_gid=417889879.1635270251&_u=YGBAgEABBAAAAE~&z=340265541

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Oct 2021 17:44:10 GMT
content-type: text/plain
access-control-allow-origin: https://useortomed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=382082227&t=pageview&_s=1&dl=https%3A%2F%2Fuseortomed.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Ortomed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=1284377476&gjid=2048323904&cid=1468240983.1635270251&tid=UA-208898399-1&_gid=417889879.1635270251&did=BwiEti&z=1119522303

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 15:37:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7572
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-208898399-1&cid=1468240983.1635270251&jid=1284377476&_u=YGBAgEABBAAAAE~&z=2032313902

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-208898399-1&cid=1468240983.1635270251&jid=1284377476&_u=YGBAgEABBAAAAE~&z=2032313902

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 241ms
241ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 133ms
133ms Script
application/javascript 2a02:26f0:7100:1b9::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1b9::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 51fc181f-104.126.36.214
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 219ms
218ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
0 243ms
243ms Ping
application/json 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
711 B 251ms
251ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 37e6a3ab.3d70198e
date: Tue, 26 Oct 2021 17:44:11 GMT
x-cache-remote: TCP_MISS from a23-64-122-100.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 183,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=30, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202110261744110102452480581D3EF2DE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.64.122.100
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761f0e34b2e30abaebafc9156e46958cf799293612634112406a94758c340f08c26a5b9d8ca6eb49400dec0054bb5074b30ec2b1d3d9d40e60c82d0113c29fa6798b19201f1974f37f643c77e603983d5b69f0368dbef6c50a189308deda2e7cc72b
expires: Tue, 26 Oct 2021 17:44:11 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
712 B 297ms
297ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5KQOKL1T98720DVTST0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7c5d9949.3d7019ab
date: Tue, 26 Oct 2021 17:44:11 GMT
x-cache-remote: TCP_MISS from a104-81-138-53.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 205,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=162, origin; dur=47, inner; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202110261744110102452410101203937E
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 47,104.81.138.53
x-tt-trace-host: 019fb33fe263e90dd5da21fa562235761fc688e834327f8b6c8e7d6eeacc0203181d147cf0db59f7d2b86e144b26b34c3e744180710c3965f7b37d58d239e8d1542f34bcc0bf64c31f897136c00a12928ae8c51345d6d4c64965c1f41d05c1a4537040ed04727f7bfab5e6611ad4d2e7d4
expires: Tue, 26 Oct 2021 17:44:11 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 509 B
844 B 102ms
36ms XHR
application/json 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614250127391&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1635270251092

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92fea86
x-envoy-upstream-service-time: 1
x-pinterest-rid: 3758883325992340
pin-unauth: dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg
access-control-allow-origin: https://useortomed.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 364
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 102ms
36ms Image
image/gif 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614250127391&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fuseortomed.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1635270251093

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92fea87
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 9459539975701167
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
576 B 100ms
34ms Image
image/gif 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2614250127391&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fuseortomed.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1635270251094

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92fea88
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1266594724155460
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 51ms
35ms XHR
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92feaab
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1768630702870123
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 imegashop.js Show response
storage.googleapis.com/gsf-scripts/global-remarketing/ 10 KB
10 KB 171ms
119ms Script
text/javascript 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/gsf-scripts/global-remarketing/imegashop.js?1632754665&shop=imegashop.myshopify.com
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f0e87ad24439d74ddf33378e74e850f8e3d99c1934aa90cecae4bb563e20bc34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
age: 0
x-guploader-uploadid: ADPycdvjTa2-v7M-2liy4p5dJ29JRUrtpTEiQiQlVRHmgcAm-7sAHISUmMLU-gZ24AN1WXcPqnpGUlykbiliYIZNQy0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10108
last-modified: Mon, 27 Sep 2021 14:57:44 GMT
server: UploadServer
etag: "c3ff1bfb0229fc3299042e7942dc18f9"
x-goog-hash: crc32c=wd3alg==, md5=w/8b+wIp/DKZBC55QtwY+Q==
x-goog-generation: 1632754664757153
cache-control: no-cache, max-age=0
x-goog-stored-content-length: 10108
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 26 Oct 2021 17:44:11 GMT

GET
H2 200 module.js Show response
cdn1.avada.io/flying-pages/ 2 KB
2 KB 178ms
127ms Script
application/javascript 2606:4700:20::ac43:4616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com
Requested by: Host: useortomed.com
URL: https://useortomed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a089e30a24cb2ded92130dc8d96390ce2e007f1b8fd3b4759d4b84a3364e93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: be95d3de549e4f2cee98a883799794f657ec3bbe
date: Tue, 26 Oct 2021 17:44:11 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
x-origin-cache: HIT
x-served-by: cache-mxp6929-MXP
last-modified: Mon, 25 Oct 2021 07:25:08 GMT
server: cloudflare
x-github-request-id: 9234:4E82:7D4AE6:81181A:61783E6B
x-timer: S1635270251.272183,VS0,VE95
etag: W/"61765bd4-99f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Xa66UUcDBmCV5quss18Hc25L5cL4AiLsXS68ywQJoYgUITjK2rEJdWLb2%2FD92vf441V7OYCHiWwcFT%2B5TLfiXRjDlffKaM%2FKsK04c7Encv2Aoav6%2FPinfGJIBVXf92R6AXsh%2BgAaoXFFlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6a457dbe6e19374a-MXP
x-proxy-cache: MISS
expires: Tue, 26 Oct 2021 17:54:11 GMT

GET
H/1.1 200
OK 6160f4cb38626.js Show response
empreender.nyc3.digitaloceanspaces.com/wcr/user_wfaqjs/ 0
462 B 308ms
99ms Script
text/javascript 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://empreender.nyc3.digitaloceanspaces.com/wcr/user_wfaqjs/6160f4cb38626.js?shop=imegashop.myshopify.com

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
last-modified: Tue, 26 Oct 2021 14:19:17 GMT
x-amz-request-id: tx00000000000016eb378bc-0061783e6b-18605e8d-nyc3b
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/javascript
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 0

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 719A
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

209ms
208ms

Document
text/html

104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d52269f5495eabd0c40e18bfa1b90a1ac52389db192d79a1fe1a0c6cb521e2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-8abdfd15b31b77882c038c03fe803dda' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1430050503507367; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.pinterest.de
:scheme: https
:path: /ct.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://useortomed.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-8abdfd15b31b77882c038c03fe803dda' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1430050503507367; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-8abdfd15b31b77882c038c03fe803dda' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 113
pinterest-generated-by: coreapp-webapp-prod-0a0399a1
content-encoding: gzip
pinterest-version: a55b45b
referrer-policy: origin
x-pinterest-rid: 1430050503507367
date: Tue, 26 Oct 2021 17:44:11 GMT
content-length: 279
set-cookie: csrftoken=02ea3308860b7749d2343ba99fd42e51; path=/; expires=Wed, 26 Oct 2022 17:44:11 GMT; samesite=lax; secure _pinterest_sess=TWc9PSZxMnQ1ZFZOTUFINDhra2ZFeWl5SHRRdkhOTEpGc3RPUTg4NHFFNUF0MVFlRGkxTkYycmlNRFEzenN4UmJFcVdzN0I4Z1NWd3BKZjViSFF1TjIyZUp1dlUvZUpJcnY2UUVLcTZUajVoZ3cxTTVUS0hROGRxWEc5L05SS1dOMWJMbyZWbTl2VzBrMUVibGh2dk9uNE5UZ1NpL3VCdXM9; path=/; expires=Fri, 21 Oct 2022 17:44:11 GMT; samesite=none; secure; httponly _auth=0; path=/; expires=Fri, 21 Oct 2022 17:44:11 GMT; secure; httponly _pinterest_referrer=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.pinterest.com _routing_id="fd046439-54df-4bd6-8350-014ad5775f68"; Max-Age=86400; Path=/; HttpOnly
akamai-grn: 0.1fd854b8.1635270251.92feafc
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 103
pinterest-generated-by: coreapp-webapp-prod-0a0388ee
content-encoding: gzip
pinterest-version: a55b45b
referrer-policy: origin
x-pinterest-rid: 1265082364807642
date: Tue, 26 Oct 2021 17:44:11 GMT
set-cookie: _routing_id="2bf84e08-e53f-43aa-ab60-50097d8aa28e"; Max-Age=86400; Path=/; HttpOnly
akamai-grn: 0.1fd854b8.1635270251.92feaa6
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 etid Show response
www.mercadolibre.com/jms/lgz/background/ 0
746 B 170ms
111ms XHR
text/html 13.227.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadolibre.com/jms/lgz/background/etid

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-58.ams54.r.cloudfront.net

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-meli-trace-site: UNKNOWN
date: Tue, 26 Oct 2021 17:44:11 GMT
via: 1.1 eec12a22159207af63748eccf10799b3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-d2id: 554d1560-7031-4a22-ba5d-a70ab2c2f9af
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1
x-meli-trace-platform: /web/desktop
x-xss-protection: 1; mode=block
x-request-id: 554d1560-7031-4a22-ba5d-a70ab2c2f9af
referrer-policy: no-referrer-when-downgrade
server: Tengine
etag: 13f4e17b-2fe4-49c7-95f2-127e530f8455-1635270251369
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: private, must-revalidate, proxy-revalidate
content-length: 0
x-meli-trace-bu: mercadolibre
x-amz-cf-id: 9P7XjBuPhuy9sbCqcC1zEpspE9muOplkET9baGeNd9WxjbbnKoVujw==
x-request-device-id: 554d1560-7031-4a22-ba5d-a70ab2c2f9af

GET
H2 200 background Show response
www.mercadolibre.com/jms/lgz/ Frame DA5C 6 KB
3 KB 158ms
129ms Document
text/html 13.227.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadolibre.com/jms/lgz/background?dps=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-58.ams54.r.cloudfront.net

Software

Tengine /

Resource Hash

006c1e631d8130e093f320c763959a9ea75478e00275375a2ac8d4c91d7974ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.mercadolibre.com
:scheme: https
:path: /jms/lgz/background?dps=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://useortomed.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/

Response headers

content-type: text/html
date: Tue, 26 Oct 2021 17:44:11 GMT
server: Tengine
set-cookie: _d2id=812b4b66-64c9-433d-be8a-79f6363e8613-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 26 Oct 2022 17:44:11 GMT
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-request-id: 812b4b66-64c9-433d-be8a-79f6363e8613
x-request-device-id: 812b4b66-64c9-433d-be8a-79f6363e8613
x-d2id: 812b4b66-64c9-433d-be8a-79f6363e8613
x-meli-trace-site: UNKNOWN
x-meli-trace-platform: /web/desktop
x-meli-trace-bu: mercadolibre
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be41.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 1OYOVNIDkTj0PAgLMVrEiWOooJqNV5sJ5vP1c5YUAuMqJYvJdv1NYg==

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 104ms
62ms Image
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30
www.mercadolibre.com/jms/lgz/background/session/ 78 B
1 KB 368ms
359ms Image
image/svg+xml 13.227.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mercadolibre.com/jms/lgz/background/session/armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30?background=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-58.ams54.r.cloudfront.net

Software

Tengine /

Resource Hash

1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-meli-trace-site: UNKNOWN
date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-d2id: 3ca7bc9f-115f-4c9f-b11d-b6fba08c2c5e
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
x-transaction-name: save_js_profiling
x-envoy-upstream-service-time: 8
x-meli-trace-platform: /web/desktop
x-xss-protection: 1; mode=block
x-request-id: 3ca7bc9f-115f-4c9f-b11d-b6fba08c2c5e
referrer-policy: no-referrer-when-downgrade
server: Tengine
content-type: image/svg+xml
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be41.cloudfront.net (CloudFront)
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-meli-trace-bu: mercadolibre
x-amz-cf-id: gHaAVdhInZWf17XG_ZP87c_COayv1u2k4u6Av3DsZpEMxchEg_LXaQ==
x-request-device-id: 3ca7bc9f-115f-4c9f-b11d-b6fba08c2c5e

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-397309586

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/gsf-scripts/global-remarketing/imegashop.js?1632754665&shop=imegashop.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c76036008a04b55dcdf0c64e68004ba3d24208de72cc1f501d307eaf3b340a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39203
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Oct 2021 17:44:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-208898399-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-397309586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ae04a2d8acdf1d4ff07f449e9dd1f9ac9a5c8cdbe7d7ddde1a8e251efa2c92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35794
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Oct 2021 17:44:11 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
144 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=382082227&t=pageview&_s=1&dl=https%3A%2F%2Fuseortomed.com%2F&ul=en-us&de=UTF-8&dt=Ortomed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABBAAAAG~&jid=1811365454&gjid=830101011&cid=1468240983.1635270251&tid=UA-208898399-1&_gid=417889879.1635270251&_r=1&gtm=2ouak0&did=BwiEti&z=54945105

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://useortomed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
19 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208898399-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6185
date: Tue, 26 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 18:01:06 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 20ms
19ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-397309586

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14430
x-xss-protection: 0
server: cafe
etag: 16924264664223707549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 17:44:11 GMT

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 719A 0
3 KB 135ms
135ms Other
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1430050503507367

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-caa96aa036da7a449dd2d92ddd40b7fa' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6405127974176585; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-caa96aa036da7a449dd2d92ddd40b7fa' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=6405127974176585; frame-ancestors 'self'
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92feb6b
content-security-policy-report-only: script-src 'nonce-caa96aa036da7a449dd2d92ddd40b7fa' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 39
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 6405127974176585
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a55b45b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 26 Oct 2021 17:44:11 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0395eb

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 719A 0
3 KB 131ms
130ms Other
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-b20ad43edc635ab357a0d4ab168cc3ee' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1364421757725524; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-b20ad43edc635ab357a0d4ab168cc3ee' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1364421757725524; frame-ancestors 'self'
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92feb6c
content-security-policy-report-only: script-src 'nonce-b20ad43edc635ab357a0d4ab168cc3ee' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 32
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1364421757725524
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a55b45b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 26 Oct 2021 17:44:11 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0386fa

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 719A 0
3 KB 139ms
139ms Other
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: useortomed.com
URL: https://useortomed.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-f23f0df30053545be5e2cec8b283e241' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5098312758087710; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-f23f0df30053545be5e2cec8b283e241' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5098312758087710; frame-ancestors 'self'
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.1fd854b8.1635270251.92feb6d
content-security-policy-report-only: script-src 'nonce-f23f0df30053545be5e2cec8b283e241' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 40
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 5098312758087710
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a55b45b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 26 Oct 2021 17:44:11 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03b082

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 322ms
21ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-208898399-1&cid=1468240983.1635270251&jid=1811365454&gjid=830101011&_gid=417889879.1635270251&_u=aGDAAUABBAAAAG~&z=210323116

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Oct 2021 17:44:11 GMT
content-type: text/plain
access-control-allow-origin: https://useortomed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/ 2 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/?random=1635270251646&cv=9&fst=1635270251646&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a8698ac9bf3a117588e4e041771144297714c06e335013d8e33786cfc64011c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/397309586/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/397309586/?random=1635270251646&cv=9&fst=1635270251646&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
108 B

28ms
27ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3Dshopify_BR_6673158602829_39515404402765%2Cshopify_BR_6667603181645_39482549108813%3Becomm_totalvalue%3D389.80&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&is_vtc=1&random=1622936021&resp=GooglemKTybQhCsO&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome%3Becomm_prodid%3Dshopify_BR_6673158602829_39515404402765%2Cshopify_BR_6667603181645_39482549108813%3Becomm_totalvalue%3D389.80&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&is_vtc=1&random=1622936021&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jsonp Show response
www.mercadolibre.com/jms/lgz/background/session/armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092... Frame DA5C 21 B
774 B 103ms
103ms Script
text/javascript 13.227.220.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mercadolibre.com/jms/lgz/background/session/armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJiZmY5MWEyNS02MTVkLTRkMTMtYTcyNC0zOWZhYmYwOGM4OTItMTYzNTI3MDI1MTU3MSIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiNDZmN2YzMTgtZTcwOS00YTNiLTgyNzUtZjg2NDlkZDg0NDQzLTE2MzUyNzAyNTE1NzEifQ%3D%3D%22%7D&callback=dp_jsonp.process

Requested by

Host: www.mercadolibre.com
URL: https://www.mercadolibre.com/jms/lgz/background?dps=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.58 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-58.ams54.r.cloudfront.net

Software

Tengine /

Resource Hash

4abde68cc3ebcb8653668a78058b74a9a67cc03fa87b142616b4041e4f0971e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-meli-trace-site: UNKNOWN
date: Tue, 26 Oct 2021 17:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-d2id: 32d9a247-38ea-4782-842c-86e70b7e4505
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
x-transaction-name: save_cross_domain_profiling
x-envoy-upstream-service-time: 1
x-meli-trace-platform: /web/desktop
x-xss-protection: 1; mode=block
x-request-id: 32d9a247-38ea-4782-842c-86e70b7e4505
referrer-policy: no-referrer-when-downgrade
server: Tengine
content-type: text/javascript
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be41.cloudfront.net (CloudFront)
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-meli-trace-bu: mercadolibre
x-amz-cf-id: rjoEye77I8kcIGn8ZDaGloJn0B4IB9JsDYEJsLCmSLVarmOQq0pJjw==
x-request-device-id: 32d9a247-38ea-4782-842c-86e70b7e4505

GET
H2 200 /
www.google.com/pagead/1p-user-list/397309586/ 42 B
108 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&fmt=3&is_vtc=1&random=2713051859&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/397309586/ 42 B
108 B 28ms
28ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/397309586/?random=1635270251646&cv=9&fst=1635267600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fuseortomed.com%2F&tiba=Ortomed&async=1&fmt=3&is_vtc=1&random=2713051859&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-208898399-1&cid=1468240983.1635270251&jid=1811365454&_u=aGDAAUABBAAAAG~&z=948442379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-208898399-1&cid=1468240983.1635270251&jid=1811365454&_u=aGDAAUABBAAAAG~&z=948442379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 17:44:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc.taboola.com/1413752/log/3/ 0
83 B 18ms
17ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1413752/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=32&ssd=1&est=1635270250470&ver=35&isls=true&src=i&invt=1500&tim=1635270252022&mrir=u&vi=1635270250468&ref=null&cv=20211026-3-RELEASE
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Tue, 26 Oct 2021 17:44:12 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635270252.026430,VS0,VE11
x-served-by: cache-hhn4074-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://useortomed.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
475 B 132ms
131ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Oct 2021 17:44:12 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://useortomed.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 3bc7d14d-d9f3-433e-ab2b-d36f7e63fbf6

GET
H2 200 armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30
www.mercadolivre.com/jms/mlb/lgz/background/session/ 78 B
821 B 161ms
111ms Image
image/svg+xml 13.227.220.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mercadolivre.com/jms/mlb/lgz/background/session/armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30?background=armor.c064648a8a770c0aba42fb1511c6c0f28cde82b6ad028a1559e9ced3ee566ea6512f259ae06802bbc7efe6bee29f928693be4c78c27f2ab4ad5bd0cb38725ee39dddd5618100092e9b52cbf36795c3ab.316e679713911132459bc581cbeb0f30&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6ImNmYTNiNzU2OTk1MjUxOTNhZjhlYTcyYWU5NzJmN2E0IiwiY29ubmVjdGlvbiI6eyJkb3dubGluayI6OS4yLCJydHQiOiJ1bmtub3duIiwidHlwZSI6IjRnIn0sImNvb2tpZV9lbmFibGVkIjp0cnVlLCJkZXZpY2VfbWVtb3J5Ijo4LCJkb19ub3RfdHJhY2siOm51bGwsImV0YWciOiIxM2Y0ZTE3Yi0yZmU0LTQ5YzctOTVmMi0xMjdlNTMwZjg0NTUtMTYzNTI3MDI1MTM2OSIsImZvbnRzIjp7Im9zIjotMjMwNTU5Njc5LCJvdGhlcl9vcyI6IltcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkxpYmVyYXRpb24gTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkxpYmVyYXRpb24gU2Fuc1xcXCIgOjB9XCIsXCJ7XFxcIkxpYmVyYXRpb24gU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6LTE5OTU5NjMzN30sImhhcmR3YXJlX2NvbmN1cnJlbmN5Ijo0LCJoaXN0b3J5IjoyLCJpbmNvZ25pdG8iOmZhbHNlLCJqc190eXBlIjoianNfaGFzaCIsImxhbmciOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sImxpdGVyYWxfY29sb3JzIjo5NTQxMDE5OTcsImxvY2FsX3N0b3JhZ2UiOnRydWUsImxvZ2luX2RldGVjdGlvbiI6eyJnb29nbGUiOmZhbHNlfSwibWF0aF9udW1iZXIiOjExMDIzLjM4NzQwNjE1MDk0LCJvcGVuX2RhdGFiYXNlIjpmYWxzZSwicGl4ZWxfcmF0aW8iOjEsInBsYXRmb3JtIjoiTGludXggeDg2XzY0Iiwid2ViZ2wiOnsiaW1hZ2UiOiIxMWVhMWZkMGRkNzAzOGE3ODFmNmQzNWE2MzIwZDQ2MCIsInJlcG9ydCI6IjU4NTU5NTdkYTExOTMwNjcxMzZiMzRjMzE4NjgxZmYyIiwidmVuZG9yIjoiSW50ZWwgSW5jLiIsInJlbmRlcmVyIjoiSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lIn0sInBsdWdpbnMiOnt9LCJyZXNvbHV0aW9uIjoiMTIwMHgxNjAweDI0Iiwic2NyZWVuIjp7Im9yaWVudGF0aW9uIjowLCJ0eXBlIjoibGFuZHNjYXBlLXByaW1hcnkiLCJhdmFpbF9oZWlnaHQiOjEyMDAsImF2YWlsX2xlZnQiOjAsImF2YWlsX3RvcCI6MCwiYXZhaWxfd2lkdGgiOjE2MDB9LCJzZXNzaW9uX3N0b3JhZ2UiOnRydWUsInRpbWUiOnsiY2FudmFzIjozMCwid2ViZ2wiOjg0LCJ1c2VyZm9udHMiOjQ5LCJicm93c2VycGx1Z2lucyI6MCwicGx1Z2lucyI6MSwiaW5zdGFsbGVkZm9udHMiOjM5LCJoYXNoIjoyMTMsInRvdGFsIjoyMTN9LCJ0aW1lX2Jhc2VkX2ZwIjowLjA5OTk5OTkwNDYzMjU2ODM2LCJ0aW1lX3pvbmVfbmFtZSI6IkV0Yy9Vbmtub3duIiwidGltZV96b25lX29mZnNldCI6MCwidG91Y2hfcG9pbnRzIjowLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwidmVuZG9yIjoiR29vZ2xlIEluYy4iLCJ3aW5kb3dfc2l6ZSI6eyJpbm5lciI6IjEyMDB4MTYwMCIsIm91dGVyIjoiMTIwMHgxNjAwIn0sIndlYmRyaXZlciI6ZmFsc2UsImluc3RhbGxlZF9mb250cyI6WyJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6WyJDaHJvbWUgUERGIFBsdWdpbjo6UG9ydGFibGUgRG9jdW1lbnQgRm9ybWF0OjphcHBsaWNhdGlvbi94LWdvb2dsZS1jaHJvbWUtcGRmfnBkZiIsIkNocm9tZSBQREYgVmlld2VyOjo6OmFwcGxpY2F0aW9uL3BkZn5wZGYiLCJOYXRpdmUgQ2xpZW50Ojo6OmFwcGxpY2F0aW9uL3gtbmFjbH4sYXBwbGljYXRpb24veC1wbmFjbH4iXSwibGlnaHRfdmVyc2lvbiI6ZmFsc2UsInJlZmVyZXIiOm51bGx9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.220.111 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-220-111.ams54.r.cloudfront.net

Software

Tengine /

Resource Hash

1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-meli-trace-site: UNKNOWN
date: Tue, 26 Oct 2021 17:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-d2id: ae99a890-37fa-4a30-b42f-6a929755e421
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
x-transaction-name: save_js_profiling
x-envoy-upstream-service-time: 3
x-meli-trace-platform: /web/desktop
x-xss-protection: 1; mode=block
x-request-id: ae99a890-37fa-4a30-b42f-6a929755e421
referrer-policy: no-referrer-when-downgrade
server: Tengine
content-type: image/svg+xml
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-meli-trace-bu: mercadolibre
x-amz-cf-id: z4ry12hvhbYWB5yLzPdBc8gAYIt4DYv05QFKmHZmuISAbixbBi2ARA==
x-request-device-id: ae99a890-37fa-4a30-b42f-6a929755e421

GET
H3 200 /
useortomed.com/ 0
37 KB 227ms
170ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dc68fb054d0-MAN
x-cache: hit, server
x-alternate-cache-key: cacheable:01175f1728b2c1eb0b1471a913d14487
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
x-request-id: 0ed3af1f-6ca6-42a5-90bc-ee7f605d6b74
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:12 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H3 200 rastreio
useortomed.com/pages/ 0
28 KB 357ms
300ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/pages/rastreio

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /pages/rastreio
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dc68fb954d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:a889456f44d205f739eb311174722dd1
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
access-control-allow-origin: *
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:12 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
x-request-id: 0eff2cbc-f007-4ab8-b732-ba9fe2d13037
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H3 200 calcados-ortopedicos
useortomed.com/collections/ 0
32 KB 450ms
394ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/collections/calcados-ortopedicos

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /collections/calcados-ortopedicos
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dc68fb654d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:c15e196754ebc2d3a06c77bd76d40055
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
x-request-id: 54a05858-1bde-4219-bc46-346c7606acd4
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:12 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:12 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H3 200 /
useortomed.com/ 0
37 KB 168ms
168ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dcc680b54d0-MAN
x-cache: hit, server
x-alternate-cache-key: cacheable:01175f1728b2c1eb0b1471a913d14487
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
x-request-id: debabc0b-a462-4ca9-818a-e7dac4e66ea4
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:13 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:13 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:13 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:13 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:13 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

POST
H2 200 anonymous_device_session Show response
api.mercadopago.com/v1/device_sessions/ 301 B
880 B 234ms
234ms XHR
application/json 52.0.47.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/anonymous_device_session

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.47.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-47-140.compute-1.amazonaws.com

Software

Resource Hash

72402e689d6681273a7d1d4c38c436c7383748b3f8a96d56ff9bd462034415e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://useortomed.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 26 Oct 2021 17:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains; preload
vary: accept,accept-encoding
x-xss-protection: 1; mode=block
x-request-id: 0f79a6b6-3bca-4ea5-a7b2-549101bc5396
access-control-allow-headers: Content-Type
x-trace-source: fury_app
access-control-max-age: 86400
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://useortomed.com
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-19,x-trace-digest-keys
cache-control: max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-source-ip: 185.232.23.182
x-trace-digest-19: g/k84nz3qBlxhDa8q9beGN7BVSaLklVIgjCFJPyontevPHz3gh7PtXI3lBZjGqOu

OPTIONS
H2 200 anonymous_device_session
api.mercadopago.com/v1/device_sessions/ Frame 0
0 115ms
115ms Preflight
application/json 52.0.47.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercadopago.com/v1/device_sessions/anonymous_device_session

Protocol

Server

52.0.47.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-47-140.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://useortomed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 26 Oct 2021 17:44:14 GMT
content-type: application/json;charset=utf-8
x-request-id: 6a341085-4f1f-4f4a-aac0-727d92907b6c
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-07,x-trace-digest-keys
x-source-ip: 185.232.23.182
x-trace-source: fury_app
x-trace-digest-07: ZAjJgiuLFBNZsk1FMhVHj2DU3mfyA++wVdh8aPIoPABEOduuDnPiPayKjrldTT+E
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: https://useortomed.com
vary: accept,accept-encoding
cache-control: max-age=0
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-max-age: 86400
timing-allow-origin: *

GET
H3 200 chinelo-nuvem-confort-ortopedico-plus-no-brasil
useortomed.com/products/ 0
45 KB 365ms
364ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/products/chinelo-nuvem-confort-ortopedico-plus-no-brasil

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /products/chinelo-nuvem-confort-ortopedico-plus-no-brasil
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dd2a8df54d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:5a714dda88feb7509b4ffe605063c7d4
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
access-control-allow-origin: *
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:14 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
x-request-id: 043eb78d-18a9-464a-9b4e-67b4a12c0dc9
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H3 200 tenis-para-corrida-e-caminhada
useortomed.com/products/ 0
44 KB 354ms
353ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/products/tenis-para-corrida-e-caminhada

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /products/tenis-para-corrida-e-caminhada
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dd2a8e154d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:6cf9a529eb08967d4a6da299e4dc117b
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
access-control-allow-origin: *
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:14 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
x-request-id: c06e2fac-f500-41e1-9fb0-9f8ed8aa6f11
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H3 200 kit-5-pares-meias-para-circulacao-tamanho-unico
useortomed.com/products/ 0
37 KB 358ms
357ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/products/kit-5-pares-meias-para-circulacao-tamanho-unico

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /products/kit-5-pares-meias-para-circulacao-tamanho-unico
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dd2a8e254d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:abf01a797d710e865c1b4ca341abb74f
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
access-control-allow-origin: *
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:14 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:14 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
x-request-id: 7fa2bd2b-436e-42c2-b706-516a69b6be7c
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H2 204 unip Show response
trc.taboola.com/1413752/log/3/ 0
79 B 21ms
21ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1413752/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=32&ssd=1&est=1635270250470&ver=35&isls=true&src=i&invt=3000&tim=1635270255023&mrir=u&vi=1635270250468&ref=null&cv=20211026-3-RELEASE
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 26 Oct 2021 17:44:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1635270255.027343,VS0,VE9
x-served-by: cache-hhn4074-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://useortomed.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3 200 tenis-ortopedico-fashion-gel
useortomed.com/products/ 0
41 KB 322ms
321ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/products/tenis-ortopedico-fashion-gel

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /products/tenis-ortopedico-fashion-gel
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dd8e97654d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:940d3ad17e1a7f1844a62cad1c418eb6
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
access-control-allow-origin: *
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:15 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
x-request-id: 29417689-b516-42d4-be57-42c85ec81276
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

GET
H3 200 sandalia-ortopedica-ortomed
useortomed.com/products/ 0
42 KB 336ms
336ms Other
text/html 23.227.38.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://useortomed.com/products/sandalia-ortopedica-ortomed

Requested by

Host: cdn1.avada.io
URL: https://cdn1.avada.io/flying-pages/module.js?shop=imegashop.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; _orig_referrer=; _landing_page=%2F; _y=5e4a43d3-eae0-41ff-873e-bd9610141792; _s=adb83677-877a-46dc-bc7f-5386a9989534; _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; _gcl_au=1.1.1121312130.1635270250; _shopify_sa_t=2021-10-26T17%3A44%3A10.773Z; _shopify_sa_p=; _ga=GA1.2.1468240983.1635270251; _gid=GA1.2.417889879.1635270251; _gat=1; _pin_unauth=dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg; _gat_gtag_UA_208898399_1=1
:path: /products/sandalia-ortopedica-ortomed
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: useortomed.com
referer: https://useortomed.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://useortomed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
cf-ray: 6a457dd8e97854d0-MAN
x-cache: miss
x-alternate-cache-key: cacheable:668e7f1a6f0ba087956ef51bd59c867d
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 8739061837
x-shardid: 76
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-language: pt-BR
x-shopid: 8739061837
access-control-allow-origin: *
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Wed, 26 Oct 2022 17:44:15 GMT; secure; HttpOnly _y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_y=5e4a43d3-eae0-41ff-873e-bd9610141792; Expires=Wed, 26-Oct-22 17:44:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax _shopify_s=adb83677-877a-46dc-bc7f-5386a9989534; Expires=Tue, 26-Oct-21 18:14:15 GMT; Domain=useortomed.com; Path=/; SameSite=Lax
x-request-id: d43ee81a-ec65-429b-a79a-c3ff344b4fb1
content-type: text/html; charset=utf-8
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 76

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
useortomed.com/	1970-01-20 07:00:06	Name: secure_customer_sig Value:
.useortomed.com/	1970-01-19 22:34:39	Name: _orig_referrer Value:
.useortomed.com/	1970-01-19 22:34:39	Name: _landing_page Value: %2F
.useortomed.com/	1970-01-20 07:00:06	Name: _y Value: 5e4a43d3-eae0-41ff-873e-bd9610141792
.useortomed.com/	1970-01-19 22:14:32	Name: _s Value: adb83677-877a-46dc-bc7f-5386a9989534
.useortomed.com/	1970-01-20 07:00:06	Name: _shopify_y Value: 5e4a43d3-eae0-41ff-873e-bd9610141792
.useortomed.com/	1970-01-19 22:14:32	Name: _shopify_s Value: adb83677-877a-46dc-bc7f-5386a9989534
.useortomed.com/	1970-01-20 00:24:06	Name: _gcl_au Value: 1.1.1121312130.1635270250
.useortomed.com/	1970-01-19 22:14:32	Name: _shopify_sa_t Value: 2021-10-26T17%3A44%3A10.773Z
.useortomed.com/	1970-01-19 22:14:32	Name: _shopify_sa_p Value:
.useortomed.com/	1970-01-20 15:45:42	Name: _ga Value: GA1.2.1468240983.1635270251
.useortomed.com/	1970-01-19 22:15:56	Name: _gid Value: GA1.2.417889879.1635270251
.useortomed.com/	1970-01-19 22:14:30	Name: _gat Value: 1
.ct.pinterest.com/	1970-01-20 07:00:06	Name: _pinterest_ct_ua Value: "TWc9PSZjZjU1eFVXUkRjUWhKdTk1NmlZQlU4WURIUWNHdzdWZkpVUWFTTGxmYVc5clpVVDErM2JsbmJOS2lRQ1hIdnlqNFZMd29HYldrT3NpNDJqa213SGtKcnM4TXdydTROcUF1aDhiakRqWU40OD0mVUo1VDc0WHVHZ3M3czdpTnR1U1FaUTk1U1lJPQ=="
.useortomed.com/	1970-01-20 07:00:06	Name: _pin_unauth Value: dWlkPU9Ua3hNV1l4TWpZdE56ZGpaUzAwTXpKbExUZ3pZVEl0WWpjMk1qRmtNV1E1Tnpjeg
.useortomed.com/	1970-01-19 22:14:30	Name: _gat_gtag_UA_208898399_1 Value: 1
www.pinterest.de/	1970-01-20 06:52:54	Name: _pinterest_sess Value: TWc9PSZxMnQ1ZFZOTUFINDhra2ZFeWl5SHRRdkhOTEpGc3RPUTg4NHFFNUF0MVFlRGkxTkYycmlNRFEzenN4UmJFcVdzN0I4Z1NWd3BKZjViSFF1TjIyZUp1dlUvZUpJcnY2UUVLcTZUajVoZ3cxTTVUS0hROGRxWEc5L05SS1dOMWJMbyZWbTl2VzBrMUVibGh2dk9uNE5UZ1NpL3VCdXM9
.doubleclick.net/	1970-01-20 07:36:06	Name: IDE Value: AHWqTUmd9cfz09Gx-HpTITdMGIqOYbZJ_eoC8HA9jy-XhN86f5zaO9AsMkyGUOa9
.mercadolibre.com/	1970-01-22 11:33:42	Name: dsid Value: 79228aa0-aafb-4a57-9f83-35e0126f4ca6-1635270251795
.mercadolibre.com/	1970-01-22 11:33:42	Name: edsid Value: 3db63b64-da93-461f-a978-411beeea8878-1635270251795

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-8abdfd15b31b77882c038c03fe803dda' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.tiktok.com
api.dooki.com.br
api.dsreviews.net
api.mercadopago.com
cdn.jsdelivr.net
cdn.shopify.com
cdn.taboola.com
cdn.yampi.me
cdn1.avada.io
cdnjs.cloudflare.com
ct.pinterest.com
empreender.nyc3.digitaloceanspaces.com
fonts.shopifycdn.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
monorail-edge.shopifysvc.com
myip.wtf
rawart.com.br
s.pinimg.com
stats.g.doubleclick.net
storage.googleapis.com
trc.taboola.com
useortomed.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mercadolibre.com
www.mercadolivre.com
www.mercadopago.com
www.pinterest.com
www.pinterest.de
104.198.248.251
104.84.56.209
13.227.220.111
13.227.220.58
142.250.185.226
151.101.65.44
162.243.189.2
2.16.186.242
23.227.38.32
2606:4700:20::ac43:4616
2606:4700:20::ac43:480e
2606:4700:3035::6815:e4f
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6812:acf
2620:2:6000::bad:dab:cafe
2a00:1450:4001:800::2008
2a00:1450:4001:800::200d
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2010
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9c
2a02:26f0:7100:1b9::1931
2a02:2770:16:0:21a:4aff:fedc:c1bf
2a04:4e42:400::268
52.0.47.140
52.222.139.97
54.233.141.230
006c1e631d8130e093f320c763959a9ea75478e00275375a2ac8d4c91d7974ad
03fe804368597b63e2ab2349abde3c4c92be70a5d1848759617d16b4036fc8eb
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c
0a8698ac9bf3a117588e4e041771144297714c06e335013d8e33786cfc64011c
0ae04a2d8acdf1d4ff07f449e9dd1f9ac9a5c8cdbe7d7ddde1a8e251efa2c92f
0d52269f5495eabd0c40e18bfa1b90a1ac52389db192d79a1fe1a0c6cb521e2f
0d63f4e6f8e182e2d83617beda498cb57954c6234e0fa9c919c1cd382f9a303d
13d8f7f6f4f89fa6b27b804672a398a29a6416d33bf9e9a5fb4b1c0f5509b8fe
19b16deb371d87be0408746efde7c55dfb00b167c227610da840f128b623cbb8
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
1e1661a31f15d5ee075ef612ca2af1f5699ea6182b0fcface9ffa423d2831c15
2dd07bab282afa136ce4e10506062bd369199a01cd307a6a198de15cb02921a3
353b11e123a6dd81df26b9ab9af06d118a9f43a8d0e72bc428c86041edc3225d
366678e70077cfc1013e97f532acea051e6730caeedd391697400c15af4e57ff
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38b694f54a46f04a1aea062e78e816742a63f586da5fb402e99e902bb4767c5f
3b48af9153e92423d79f2d3bdc3e0b15e482ceb87e5c3ce3af5bd6f593cead9d
3bba55dc798e509bfc310dd0da6cb1d6cffb0c9e5e5878b60fbfef1ba8c17876
40d8b12a7c01c103dcaa5145dbe2123d1e65819b728d159e61a17094649bc94e
4895481db11bac35c81e7f1ce384014efe67c31bcc2e05dd9aada69c3a45cb67
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66
4a609c6dfff57a1865067c376468a736ee9f8d0578ef52c3063738c8c30986c9
4abde68cc3ebcb8653668a78058b74a9a67cc03fa87b142616b4041e4f0971e1
4b5cfaae36eb194514bcb87c2ed911962995db479ed9d14577eca215d69d04b0
4c1015de48a2b05973e60ded5d34b2b0369e61fcde5a4ece30956116ec86e4ef
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548e489a36baae30056284559def410a8f6ef127e617d292fe131d1937fc7f9d
551850dd17c78bbfb877107259be202f47e05bb56a306f552b8525d6cc28c1dd
565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5d58c994e141ae6b8fe292184155e6a136566ef6965b9c87780c3ec6081a0b5c
5f2634a24775898b4af50f16049dc79c9b4d8093d2e541afec4e2a4c1b1b03ff
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6c443f7834079c228539e025533a315eb6727ccf9f9b94860ad1fdbfc2033107
721666d957cce6bee1c45bba4c602b70999853e635f5f4fe9a0e7c201542b5d5
72402e689d6681273a7d1d4c38c436c7383748b3f8a96d56ff9bd462034415e7
76d611e237068f2e08a098e37403bac221055673bc208815d19ab3684b24bb18
80c787474f650180d90c719b89f622740a2af300751b1aab91f141b5ecf7119b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
8c6108e6c6ea11c3e1e3c48d97cb5dba341879cc1e1c330337bd930122e92991
902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
971cb189b352a278e3458f0481bd92e6369e2dbdb1f1153e9e123b7c1c8916b3
9d6e416cac08217a8c4d1875b0986213ce2a7969a4937320a71ef817720193ba
a218eac84026fc65e96842217d0ba9fea271329a3a93db13199a926c8e5cd48d
a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524
a6e9e686baf87a3c5b76f0e70e726cd63dcd253314d9874c1bd75f377647a9b6
b0c29bd1f9a7895853e3028253ff3da8b8bc5ac2c930eda1c441412ee7dbda3a
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b4cdb083e0605dbbd606f0cfa4bf80972ceec3e0cd3f18218327af3af1ce5f06
baeeba36ad2be508459d5a738071f6d2bd7c1b4388d293ede8ef40a966c1beac
c3bee6a337eb872bc6884fc56382decb2008e7d725f70b088769f925be9c9118
c76036008a04b55dcdf0c64e68004ba3d24208de72cc1f501d307eaf3b340a83
c9a089e30a24cb2ded92130dc8d96390ce2e007f1b8fd3b4759d4b84a3364e93
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
d02ba41ef7d594a81e4c6e7728b69f8727417da58dfdfe7a6ecf1f83416b37da
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
dbfb9b1e0ed9a7f0b35a2612d6de14d593bc1eec5cc608c1c154a807fc12cbf9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e87ad24439d74ddf33378e74e850f8e3d99c1934aa90cecae4bb563e20bc34
f57c7212fd3c303c5a79e95d877d401f9c60345229d95e925e8b83db8f480396
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fd059498e1e492ce4882db0db68d1431a6d44876ed6620670243c1cb693b983f
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

useortomed.com Open in urlscan Pro 23.227.38.32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

100 %HTTPS

60 %IPv6

29 Domains

34 Subdomains

31 IPs

7 Countries

1760 kBTransfer

3351 kBSize

20 Cookies

7 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

useortomed.com Open in urlscan Pro
23.227.38.32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

100 %
HTTPS

60 %
IPv6

29
Domains

34
Subdomains

31
IPs

7
Countries

1760 kB
Transfer

3351 kB
Size

20
Cookies

131 HTTP transactions
1 data transactions