www.soo-healthy.com Open in urlscan Pro
2606:4700:3034::ac43:ab97 Public Scan

URL:
https://www.soo-healthy.com/3559
Submission: On July 18 via api (July 18th 2021, 11:50:49 am UTC) from US

Summary HTTP 257 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 57 domains to perform 257 HTTP transactions. The main IP is 2606:4700:3034::ac43:ab97, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.soo-healthy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2021. Valid for: a year.

This is the only time www.soo-healthy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:303... 2606:4700:3034::ac43:ab97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:38ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 18	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
23	54.172.246.227 54.172.246.227	14618 (AMAZON-AES) (AMAZON-AES)
1	18.208.241.4 18.208.241.4	14618 (AMAZON-AES) (AMAZON-AES)
5 5	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
4 7	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3	34.192.164.183 34.192.164.183	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.185.190.29 18.185.190.29	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
3 6	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.120.211.246 3.120.211.246	16509 (AMAZON-02) (AMAZON-02)
11	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	52.95.116.38 52.95.116.38	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:7000:0:70b1:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 3	23.92.190.69 23.92.190.69	10913 (INTERNAP-BLK) (INTERNAP-BLK)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
7 9	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	52.46.133.124 52.46.133.124	16509 (AMAZON-02) (AMAZON-02)
1 1	34.198.116.61 34.198.116.61	14618 (AMAZON-AES) (AMAZON-AES)
6 6	18.184.169.195 18.184.169.195	16509 (AMAZON-02) (AMAZON-02)
1 1	157.90.167.185 157.90.167.185	24940 (HETZNER-AS) (HETZNER-AS)
2 3	34.251.130.56 34.251.130.56	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.166.11 3.127.166.11	16509 (AMAZON-02) (AMAZON-02)
8 8	52.30.222.33 52.30.222.33	16509 (AMAZON-02) (AMAZON-02)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	64.233.184.155 64.233.184.155	15169 (GOOGLE) (GOOGLE)
1 1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	54.78.251.22 54.78.251.22	16509 (AMAZON-02) (AMAZON-02)
1 2	54.204.142.198 54.204.142.198	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:303... 2606:4700:3030::ac43:9b2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:5b::c	15169 (GOOGLE) (GOOGLE)
4	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	52.203.172.63 52.203.172.63	14618 (AMAZON-AES) (AMAZON-AES)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
16	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:3a2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
257	57

37 2606:4700:3034::ac43:ab97 (United States)

ASN13335 (CLOUDFLARENET, US)

www.soo-healthy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:38ad (United States)

ASN13335 (CLOUDFLARENET, US)

nshr9wraulbrkbqsb.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 54.172.246.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-246-227.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.241.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-241-4.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.63.176 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.164.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-164-183.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.29 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-29.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.27 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.211.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

aniview-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.95.116.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7000:0:70b1:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

sync-amz.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.92.190.69 (United States) 2 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.116.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-116-61.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.184.169.195 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-169-195.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.167.185 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.185.167.90.157.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.130.56 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.182.76 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.166.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-166-11.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.30.222.33 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.233 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.251.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.142.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-142-198.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:9b2f (United States)

ASN13335 (CLOUDFLARENET, US)

paylo.leavy.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:5b::c (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r6---sn-4g5ednls.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.172.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3a2a (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	doubleclick.net 7 redirects securepubads.g.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	183 KB
37	soo-healthy.com www.soo-healthy.com	338 KB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	101 KB
32	aniview.com tg1.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	231 KB
17	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com s.amazon-adsystem.com	78 KB
16	casalemedia.com 1 redirects as-sec.casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	20 KB
11	openx.net aniview-d.openx.net u.openx.net us-u.openx.net eu-u.openx.net	3 KB
10	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	7 KB
10	gstatic.com fonts.gstatic.com csi.gstatic.com	47 KB
8	bidr.io 8 redirects match.prod.bidr.io	3 KB
8	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	23 KB
7	lijit.com 2 redirects ap.lijit.com ce.lijit.com	7 KB
7	advertising.com 5 redirects pixel.advertising.com ads.adaptv.advertising.com	2 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	2mdn.net 2 redirects s0.2mdn.net gcdn.2mdn.net r6---sn-4g5ednls.c.2mdn.net	2 MB
5	teads.tv p.teads.tv t.teads.tv	7 KB
5	adsrvr.org 2 redirects match.adsrvr.org	2 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	614 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
3	leavy.me paylo.leavy.me	6 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1 KB
3	google.com adservice.google.com www.google.com	989 B
3	adform.net 2 redirects adx.adform.net c1.adform.net	1 KB
3	indexww.com js-sec.indexww.com	17 KB
2	fouanalytics.com api.fouanalytics.com	923 B
2	tapad.com 2 redirects pixel.tapad.com	963 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	3lift.com 2 redirects eb2.3lift.com	742 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	360yield.com 2 redirects ad.360yield.com	724 B
2	ay.delivery nshr9wraulbrkbqsb.ay.delivery	22 KB
1	exelator.com 1 redirects loadm.exelator.com	616 B
1	postrelease.com 1 redirects jadserve.postrelease.com	544 B
1	google.de www.google.de	522 B
1	taboola.com cdn.taboola.com	25 KB
1	adroll.com 1 redirects d.adroll.com	112 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	755 B
1	contextweb.com 1 redirects bh.contextweb.com	794 B
1	pubmatic.com 1 redirects image2.pubmatic.com	556 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	219 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	quantserve.com 1 redirects pixel.quantserve.com	497 B
1	turn.com 1 redirects ad.turn.com	418 B
1	dotomi.com amazon-tam-match.dotomi.com
1	yieldmo.com sync-amz.ads.yieldmo.com	481 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	543 B
1	googletagmanager.com www.googletagmanager.com	54 KB
1	rlcdn.com api.rlcdn.com	224 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	btloader.com btloader.com	5 KB
257	57

	Domain	Requested by
37	www.soo-healthy.com	www.soo-healthy.com ajax.cloudflare.com
23	track1.aniview.com	player.aniview.com
20	googleads.g.doubleclick.net
16	ade.googlesyndication.com
12	pagead2.googlesyndication.com	srcdoc tpc.googlesyndication.com
9	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com um2.eqads.com
9	cm.g.doubleclick.net	7 redirects u.openx.net ap.lijit.com
9	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com u.openx.net ssum-sec.casalemedia.com ap.lijit.com
8	match.prod.bidr.io	8 redirects
7	ups.analytics.yahoo.com	4 redirects
7	c.amazon-adsystem.com	www.soo-healthy.com c.amazon-adsystem.com player.aniview.com
6	x.bidswitch.net	6 redirects
6	ib.adnxs.com	3 redirects player.aniview.com acdn.adnxs.com
5	csi.gstatic.com	imasdk.googleapis.com
5	pixel.advertising.com	5 redirects
5	match.adsrvr.org	2 redirects js-sec.indexww.com u.openx.net ssum-sec.casalemedia.com
5	fonts.gstatic.com	fonts.googleapis.com
4	t.teads.tv	p.teads.tv
4	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
4	ce.lijit.com	ap.lijit.com
4	sync-tm.everesttech.net	4 redirects
4	eu-u.openx.net	u.openx.net
4	us-u.openx.net	u.openx.net
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
4	player.aniview.com	tg1.aniview.com player.aniview.com
3	paylo.leavy.me	www.soo-healthy.com paylo.leavy.me
3	sync.mathtag.com	3 redirects
3	pr-bh.ybp.yahoo.com	u.openx.net ssum-sec.casalemedia.com
3	bcp.crwdcntrl.net	2 redirects ssum-sec.casalemedia.com
3	ap.lijit.com	2 redirects aax-eu.amazon-adsystem.com
3	ssum-sec.casalemedia.com	aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com js-sec.indexww.com
3	sync.aniview.com	player.aniview.com
3	js-sec.indexww.com	ajax.cloudflare.com player.aniview.com ssum-sec.casalemedia.com
3	securepubads.g.doubleclick.net	www.soo-healthy.com securepubads.g.doubleclick.net
2	tr.outbrain.com	amplify.outbrain.com
2	api.fouanalytics.com	player.aniview.com
2	googleads4.g.doubleclick.net
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	r6---sn-4g5ednls.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	prod.perf-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	c1.adform.net	2 redirects
2	eb2.3lift.com	2 redirects
2	u.openx.net	aax-eu.amazon-adsystem.com player.aniview.com
2	adservice.google.com	imasdk.googleapis.com
2	s0.2mdn.net	imasdk.googleapis.com
2	ads.adaptv.advertising.com	player.aniview.com
2	sync.1rx.io	2 redirects
2	ad.360yield.com	2 redirects
2	nshr9wraulbrkbqsb.ay.delivery	www.soo-healthy.com
1	loadm.exelator.com	1 redirects
1	jadserve.postrelease.com	1 redirects
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.taboola.com	www.soo-healthy.com
1	amplify.outbrain.com	www.soo-healthy.com
1	p.teads.tv	www.googletagmanager.com
1	d.adroll.com	1 redirects
1	secure.adnxs.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	nep.advangelists.com	1 redirects
1	s.amazon-adsystem.com	ssum-sec.casalemedia.com
1	acdn.adnxs.com	player.aniview.com
1	pixel.quantserve.com	1 redirects
1	ad.turn.com	1 redirects
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	sync-amz.ads.yieldmo.com	aax-eu.amazon-adsystem.com
1	htlb.casalemedia.com	player.aniview.com
1	adx.adform.net	player.aniview.com
1	aniview-d.openx.net	player.aniview.com
1	cdn.jsdelivr.net	player.aniview.com
1	sync.targeting.unrulymedia.com	1 redirects
1	as-sec.casalemedia.com	js-sec.indexww.com
1	go1.aniview.com	player.aniview.com
1	www.googletagmanager.com	www.soo-healthy.com
1	api.rlcdn.com	js-sec.indexww.com
1	tg1.aniview.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.soo-healthy.com
1	btloader.com	www.soo-healthy.com
1	fonts.googleapis.com	www.soo-healthy.com
257	91

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.ads.yieldmo.com Amazon	`2021-01-18` - `2022-02-15`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-06` - `2021-09-14`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.soo-healthy.com/3559
Frame ID: A0EB11133234463D35B40D5DB4DA3A7D
Requests: 122 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Frame ID: 7958D1C4CBE1BE45484A7B6614037C22
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=25&pid=59c9148628a0612da3689288&key=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
Frame ID: 989B0C62D9533A7606F1B557175635E4
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=22&key=3fa80426-4fd3-43fd-99b4-d06ed3e6a866
Frame ID: 991FDFB7148CC3EBEA37F01C81C038E7
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=200&key=RX-46961e77-2830-4703-9064-48990a1e00ec-003
Frame ID: 449386DFD7CA74E97B1BDAB452687DEE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t
Frame ID: AECDE8FB93B4DB892C684ACC04A981B9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FFBC44097371312FD6A7155CDFA1CB3C
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6762E86987A8DF99C1A9BD5560900776
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Frame ID: D39232FC3C7901DED1EB4A4034D3EC2C
Requests: 30 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Frame ID: 622987A5215D094820CA391FABEA6B09
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 815CEBA2BF3E465CAFE271453DEC37F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4BE52B5D7DB4F487BBEF9284F68C66C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 2BB0E04CDBECD8339F40C0F9A3C074F6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 606D07B39A8ABAEEB801DE564173DC73
Requests: 10 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: D0307CE00775113457CA21B55DEFFEB0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: E29992CDF9A63FCFDE99C86CA6E9770C
Requests: 7 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 948280A10EE8837F253E27B31FF1EC8F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5711895052350190188&ex=appnexus.com
Frame ID: 79AE81007B8737151034E7822000F590
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4354449395726896665
Frame ID: AC162D5D111A3C11B31B44B34AE604CE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: C9FE21BA5E1EB1E0ED10CF1B5A189F75
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4578994905302910181
Frame ID: 14C3E40B57FE7D43756F40F65DFE41A9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 03B5E790ADE52EB2A4994A3A68DEF19A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 826EE946FAD6088CAEE85798994F6502
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5ADCF58C330F19B084E5D71D53386C05
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 510966112B38720745526603E2C97FD9
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: AC1D7F1101F7586CE9DE751B668E81BE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 18486025AE51349CD1AD8D3181A8033E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 426CADCE271002FB6DC9256F8DFA26EB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

257
Requests

98 %
HTTPS

36 %
IPv6

57
Domains

91
Subdomains

57
IPs

8
Countries

3599 kB
Transfer

6921 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://pixel.advertising.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a HTTP 302
https://ups.analytics.yahoo.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a&verify=true HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=25&pid=59c9148628a0612da3689288&key=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

Request Chain 65

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=22&key=3fa80426-4fd3-43fd-99b4-d06ed3e6a866

Request Chain 66

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1431320208 HTTP 302
https://sync.1rx.io/usersync/tradedesk/ebb69b3d-70b2-400c-a997-e06cbd67dafc HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-46961e77-2830-4703-9064-48990a1e00ec-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D200%26key%3DRX-46961e77-2830-4703-9064-48990a1e00ec-003 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=200&key=RX-46961e77-2830-4703-9064-48990a1e00ec-003

Request Chain 82

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t

Request Chain 101

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5711895052350190188&ex=appnexus.com

Request Chain 102

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4354449395726896665

Request Chain 103

https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

Request Chain 104

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4578994905302910181

Request Chain 106

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MFt0VjdeKlErDiIANwk_UTZfJFErCiBVNF5ifLfo

Request Chain 107

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162634916303939606

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVjYjEyOWQtOWI2ZC02Zjc0LTUyNzAtZDI4ZTBhZjU2MGE3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVjYjEyOWQtOWI2ZC02Zjc0LTUyNzAtZDI4ZTBhZjU2MGE3&google_tc=

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBHiaFjVD6I8mTdVL-eKbg&google_cver=1

Request Chain 114

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1ODAwZWMzZi1lN2JlLTExZWItYjJjNC0wMjNjYzliZTcyOWE%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESECUbn_QDx1UCpz_ONVfaGgU&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESECUbn_QDx1UCpz_ONVfaGgU&google_cver=1&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ebb69b3d-70b2-400c-a997-e06cbd67dafc&_origin=1&gdpr=1&gdpr_consent=

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YPQVhAAC2n2KewAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPQVhAAC2n2KewAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL2KBdSfiEO0HokFAlIo3os&google_cver=1

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPQVgz6iqO69Kz0OboDlFwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKblW_ddrkD6ETa36y4CjuE&google_cver=1

Request Chain 121

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-97cebd39-5b6e-4319-a06f-32b30aaffbdc

Request Chain 122

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=038ebc22-9900-42dc-8ad0-8c492131583e HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=038ebc22-9900-42dc-8ad0-8c492131583e HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=038ebc22-9900-42dc-8ad0-8c492131583e

Request Chain 123

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139?gdpr_consent=&us_privacy=&gdpr=

Request Chain 124

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YPQVhAAC2luKcwAC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPQVhAAC2luKcwAC&_test=YPQVhAAC2luKcwAC

Request Chain 127

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OtSDdrBu1M55ju5

Request Chain 128

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=391f6a7d-82b1-43ab-9b6d-034a64691e33&ssp=openx&user_group=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=038ebc22-9900-42dc-8ad0-8c492131583e

Request Chain 129

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5711895052350190188

Request Chain 130

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYVVVN0I2Q3NBQUVCUl9QMWZKZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaUU7B6CsAAEBR_P1fJg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACaUU7B6CsAAEBR_P1fJg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACaUU7B6CsAAEBR_P1fJg&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACaUU7B6CsAAEBR_P1fJg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=158370571286431338 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACaUU7B6CsAAEBR_P1fJg

Request Chain 131

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=274e60f4-1584-4f00-9ac7-b1fecdb71bf8

Request Chain 136

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711895052350190188

Request Chain 137

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACaUU7B6CsAAEBR_P1fJg&expiration=1627818628

Request Chain 138

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0d8260f4-1584-4800-827a-81bb28204464

Request Chain 139

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711895052350190188

Request Chain 140

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB

Request Chain 141

https://d.adroll.com/cm/index/ssp HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 143

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 160

https://gcdn.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/C5639ED4DE9C52D4D02881681D464AB585BC0E3.BB854095FCCDC09231E6635A837265B0054D34FD/key/ck2/file/file.mp4?cpn=DwAGfUL-LpB2fVPl HTTP 302
https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4997C61539BF5D94D0E20B5EA7AA5AAC3BAFED3F.2085D92128FAFC07C477E91A967A6779AA25615F/key/cms1/cms_redirect/yes/mh/UB/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednls/ms/onc/mt/1626608668/mv/m/mvi/6/pl/52?cpn=DwAGfUL-LpB2fVPl&file=file.mp4

Request Chain 162

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=266c78837ec011d0eee18554/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=44c313d6e9e0835a0bddbf26c4ba239&gdpr=0&gdpr_consent=

Request Chain 163

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=266c78837ec011d0eee18554&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=3&3pid=0d8260f4-1584-4800-827a-81bb28204464&gdpr=0&gdpr_consent=

Request Chain 164

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=90&3pid=c0a8f905-125b-4774-9d3b-7f3e43c691ee&gdpr=0&gdpr_consent=

Request Chain 165

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&gdpr=0&gdpr_consent=

Request Chain 166

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjY2Yzc4ODM3ZWMwMTFkMGVlZTE4NTU0&gdpr=0

Request Chain 217

https://gcdn.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/C5639ED4DE9C52D4D02881681D464AB585BC0E3.BB854095FCCDC09231E6635A837265B0054D34FD/key/ck2/file/file.mp4?cpn=aEH9EnDlAjYwI1Qm HTTP 302
https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0857B2680F4605A18EBF782EB1E34207DFD5E983.0FA038021A90556CBD2D2081271282D3647FAA8E/key/cms1/cms_redirect/yes/mh/UB/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednls/ms/onc/mt/1626608668/mv/m/mvi/6/pl/52?cpn=aEH9EnDlAjYwI1Qm&file=file.mp4

257 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3559 Show response
www.soo-healthy.com/ 68 KB
16 KB 139ms
119ms Document
text/html 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd79a6e3c294ca729a3a8fd5300d3be9bd6ea4f489d5e04fd4956914ff2a0bc

Request headers

:method: GET
:authority: www.soo-healthy.com
:scheme: https
:path: /3559
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-type: text/html
last-modified: Sat, 10 Jul 2021 06:28:09 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcFBS8Q87cOtAq3qaeR0U2YQh2uuOwH%2FYgHETUpfLTTmOqUYBV0u2mZcTY9yEPScdIb5HV3%2F0%2B%2BqnsP1bc%2BxFeJPBzCxupCc3s0W7TpxWV7xeFocgVOfXtRPHMff4XueOZBTBW0jt57B%2F2ZURn6HZQf3"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 670b7e0c2f82978a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 gdpr-tcf2.js Show response
www.soo-healthy.com/ads-hb/quantcast/ 444 B
838 B 29ms
14ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/ads-hb/quantcast/gdpr-tcf2.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f6712776df8ccc1357ac9f95948ab6bacb82a9e90d7d9da4dbdb6a1f4fc992

Request headers

:path: /ads-hb/quantcast/gdpr-tcf2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TRof1uW%2Fi5qWOKHMYpV3CW%2FnjqfDbI9M7razZCltlYIfgkJUUmNI7Qka9uEOCKbli%2FTAhD7mFwPnfdcP3%2BguVGm9N4Zdhek%2BlIr15THaitn5RmdTt%2BsKxK7OGM8VXmm5Y3VSjM7f%2Bx25GkS62y%2Bdlzl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0d09734e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 popup.js Show response
www.soo-healthy.com/ads-hb/quantcast/gdpr/ 6 KB
3 KB 30ms
16ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/ads-hb/quantcast/gdpr/popup.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc060c1d7fdb0c34763912f562c6aa3baee74764f9ec0da3e4799be6bee0791

Request headers

:path: /ads-hb/quantcast/gdpr/popup.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605452
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1778"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GS7fJ5zRxn%2BfVDUK0VdUhgEGz98DzY247jhCKhEMXt70qdcizeMFQ%2BWALlkKdHasIjPrB39%2FDZ7hP6uOMAyXsgHQS%2FeQo1fll%2Ffbu7%2B9%2FeoNqjkdKn4xEHTUep8R8ArSMGFNjvH88qywEQ1wqn%2Bo%2F3nK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0d09774e3d-FRA
expires: Sat, 18 Jun 2022 08:06:14 GMT

GET
H2 200 linreg.min.js Show response
nshr9wraulbrkbqsb.ay.delivery/floorPrice/NsHr9WRauLBrKbQsb/js/floorPrice/ 31 KB
12 KB 44ms
22ms Script
application/javascript 2606:4700:3036::6815:38ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nshr9wraulbrkbqsb.ay.delivery/floorPrice/NsHr9WRauLBrKbQsb/js/floorPrice/linreg.min.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac701962e0f928da91e6abedea5b38ac208459f46b7453e2deebad93401f1e29

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Jul 2021 08:10:33 GMT
server: cloudflare
age: 574
etag: W/"60f3e1f9-7b14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiKhVzZrsHPjGt7oGIghggqPdD8x5GHV7S3JKMY%2Bm%2FXNfo%2FUJww3HKxw97%2FZU%2FAdfNpg93vb%2BXsQxPWjkeeazoLVs3r5PDIS8iUYsDypJA3m5nvmUcp%2FnFyt2o4rNLLCUUFh8%2FgxufunCdCgSkXZiVVwQLuIV8RvTi5TeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 670b7e0d5fb35364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 forest.min.js Show response
nshr9wraulbrkbqsb.ay.delivery/forest/NsHr9WRauLBrKbQsb/js/bid/ 31 KB
11 KB 24ms
23ms Script
application/javascript 2606:4700:3036::6815:38ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nshr9wraulbrkbqsb.ay.delivery/forest/NsHr9WRauLBrKbQsb/js/bid/forest.min.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:38ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f68fc728f5630517460badf7b6e1454f63d4e44bee17adb7c83ab7dacd94754

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Jul 2021 10:51:21 GMT
server: cloudflare
age: 841
etag: W/"60f407a9-7bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRGL1TOholhDjMiaLi87WxFfEAmeRlvmhMDnspf9WcmwFaFSxLaZT9RqwIfnP%2FxwmPcM%2FKZJ9z9VHKhZbRwf%2BzKRkA1a29gixxsbWvHGnxHGElpouH8SF1ak8%2FHXiYp7AQWas4b%2FK7BPkNymGNi8Doy6C4Cw6AywL2JWSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 670b7e0d5fb55364-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ay-client.js Show response
www.soo-healthy.com/ads-hb/assertive-analytics/ 31 KB
11 KB 35ms
21ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/ads-hb/assertive-analytics/ay-client.js?v=2021072
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b477c7a8a488b212481791b669df0dfc992206b0b8976e862fb2f80a825994e

Request headers

:path: /ads-hb/assertive-analytics/ay-client.js?v=2021072
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 906623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Jul 2021 13:16:04 GMT
server: cloudflare
etag: W/"60e45794-7d75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypQS9qQGGtm3m0%2FkH103dIf6nRR83A4%2BWOlfXYxLYGANnvrjF9JVJlgIlC4XxV5DTd1qqqrRb0oTBCk1X3ys7W3oFFQDY6Mh1%2BlTaiA22oB7dHsMgYxaEAGl68VDNqkAbhOLscbt4Wq1THgAxzw%2FWgNI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0d096e4e3d-FRA
expires: Fri, 08 Jul 2022 00:00:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 68 KB
24 KB 119ms
42ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

71f756359addc7b0d08506c6935b8563b4cb375a6b3dbc3d680155d69119f88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "933 / 815 of 1000 / last-modified: 1626473418"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24132
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:26 GMT

GET
H3-29 200 prebid4.23.0-4.js Show response
www.soo-healthy.com/ads-hb/prebid/ 240 KB
74 KB 30ms
28ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/ads-hb/prebid/prebid4.23.0-4.js?v=2021072
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9585c8db7121db76c125b88f78221458601880c4ec494a519fb036e12f78d05f

Request headers

:path: /ads-hb/prebid/prebid4.23.0-4.js?v=2021072
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 906623
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Jul 2021 13:16:04 GMT
server: cloudflare
etag: W/"60e45794-3be09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbCS8SPIEFm4LDCv45XwuMVpX1tfcMDBsT%2BHzEE1sZUrDFtOOhi%2BPZmb9W7x81Zz5Z%2Fpe6gP5VONgteWSbfvq040ADjDnfowmPzylOdeZjyYLGoZwYUbYUq47VNISkS55hUtNUw6t6kRtq0Ox5X7nUrU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0d6a424e3d-FRA
expires: Fri, 08 Jul 2022 00:00:03 GMT

GET
H3-29 200 all-light.css
www.soo-healthy.com/wp-content/themes/bimber/css/styles/original/ 137 KB
23 KB 32ms
18ms Stylesheet
text/css 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/css/styles/original/all-light.css?ver=5.1
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5fd4b5e02a099039bc72df5a3deb04d061bd3d1c4d78fe78e8628846d453a4

Request headers

:path: /wp-content/themes/bimber/css/styles/original/all-light.css?ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
cf-polished: origSize=181205
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-2c3d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQaFA%2B83E8P%2BLe%2Blt5Z0nNDS2u1EOg7P2Yqb47hlf46mJ%2BgGnI1otW5tQhrhjL0mtzIWPj6Q0IiE8hArSO6Gnyv190yeCFmS7U6DLYY%2Fsm%2Bi2h1%2FYdmWOHLe6OiD7ECGszM9XfRdVOxWEZ0Dhvk87HvZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 670b7e0d09754e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 vc.css
www.soo-healthy.com/wp-content/themes/bimber/css/ 159 B
807 B 26ms
13ms Stylesheet
text/css 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/css/vc.css?ver=5.1
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8590fa1e7064f69ca1db92da7e0a136fa11704cdc566cfab87462b6411c0c9b5

Request headers

:path: /wp-content/themes/bimber/css/vc.css?ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
cf-polished: origSize=194
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UfSq6oYwReFrdbDqyKkFgn6UE7G7FKp2a9z%2FeVhh0OftfaG0o8M0BA%2B98u6I3cpyT60F8x4YEcaHwT6K98RirN1IGhTWsJ43hCHQ6HY0SQeEQQWmaoVXEKPSJ39ciXJUDYJv%2FaZ3jvTZsyjNdl65noN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 670b7e0d09704e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=5.1

Requested by

Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b51a11833f3d89222a52178a0ae2cc431cec38c50fdd2bebfae3347ef93e2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 11:06:29 GMT
server: ESF
date: Sun, 18 Jul 2021 11:50:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Jul 2021 11:50:26 GMT

GET
H3-29 200 dynamic-style.css
www.soo-healthy.com/wp-content/uploads/ 5 KB
2 KB 30ms
17ms Stylesheet
text/css 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/uploads/dynamic-style.css?respondjs=no&ver=5.1
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfdb42851f1f44ac5488dfe2eb0414b97009112cefc9f25844c2c38107dbf8d5

Request headers

:path: /wp-content/uploads/dynamic-style.css?respondjs=no&ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
cf-polished: origSize=6350
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 May 2020 20:09:47 GMT
server: cloudflare
etag: W/"5ebc540b-18ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jg985Xs8vmF8iq%2BYylQZxyafABVUT3h4ljOFcAP7hQ15%2B0szijxuI8vLgaO4tjiZy1hwCfNf8qExL2HJn1oyyP%2Byp%2BswcBi%2BNnWshFxuGvumgGEOlZbouOSpNtWAd2QdJkeP8rMRYHjn80vTLgbVryYM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 670b7e0d09724e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H2 200 tag Show response
btloader.com/ 9 KB
5 KB 62ms
20ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5769130816831488&upapi=true
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a39ddbd57b8af03ca8f4d41fc906b26d66d8529e0f99e9f5ba479cdab2ce12

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 670b7e0dabc82b4d-FRA
date: Sun, 18 Jul 2021 11:50:26 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1094
etag: W/"30d343ab10604c95dd7805b97baa4a26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7TMOoaM48%2BlLDXCk9dPfpIJM%2BBa30MSurs2mjgxzN1vixwgDcjCu%2FYfxaCZqFPueHq%2F70z0ThtHcQhPs%2FySwxGi8IQ4E83fChofyeE4gOvJmcLhIrAP3cPtRsFbmtakLK6eXIeuNpvW%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

GET
H3-29 200 Soo-Healthy-150x40px.png
www.soo-healthy.com/wp-content/uploads/2020/03/ 2 KB
3 KB 26ms
24ms Image
image/png 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.soo-healthy.com/wp-content/uploads/2020/03/Soo-Healthy-150x40px.png
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8a7282c057157ccc4c130d338900692539064494f2ff43857ee863770abac2

Request headers

:path: /wp-content/uploads/2020/03/Soo-Healthy-150x40px.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605467
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2282
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 26 Mar 2020 09:07:15 GMT
server: cloudflare
etag: "5e7c70c3-8ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Tcti7CfKTLZwO%2Big%2BnMg%2FY4TaKemYb8P%2Bfg7ByazXp3OPpt%2BOC1gY6IDXSUxIvuEq%2B0p6HjtIC%2B73Vxr%2FvfASaXmUrp5fSp6Mh0bw4KHdJDjrELiJffLr96QJkP3WMGQwDtflfXa15XGJ30VLIvh77Q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 670b7e0d6a444e3d-FRA
expires: Sat, 18 Jun 2022 08:05:59 GMT

GET
H3-29 200 potato-chips.webp
www.soo-healthy.com/wp-content/uploads/2020/07/ 76 KB
77 KB 28ms
26ms Image
image/webp 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.soo-healthy.com/wp-content/uploads/2020/07/potato-chips.webp
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a66587c21741db64b93bf27804294856bd691b492c94c930e013ef0f7e35a750

Request headers

:path: /wp-content/uploads/2020/07/potato-chips.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2577792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78014
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Oct 2020 11:10:28 GMT
server: cloudflare
etag: "5f9168a4-130be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8As5UX%2BC7Tv86QdWVKh1pa%2Fj7qWwBpGgTh85oNUlwr%2FRQ%2F3PUXXPXdgxodXiacCCF6P5Fw1ajJBnY%2BR%2FEf3KjKQHdx9%2BMDl1V3eZiV9fIXg39A3lPfTj5StismoOsKmiwJtc9lkG2Ablq6YPBbfWXUj3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 670b7e0d6a464e3d-FRA
expires: Sat, 18 Jun 2022 15:47:14 GMT

GET
H3-29 200 coiffure-364x205.webp
www.soo-healthy.com/wp-content/uploads/2020/10/ 9 KB
10 KB 27ms
25ms Image
image/webp 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.soo-healthy.com/wp-content/uploads/2020/10/coiffure-364x205.webp
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f62d14c1c8f89435e4870b5f7bcb6ed63c75f0f8f45f7fd2f7521899aad072

Request headers

:path: /wp-content/uploads/2020/10/coiffure-364x205.webp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605391
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9354
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Mar 2021 14:24:17 GMT
server: cloudflare
etag: "6059fa11-248a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEPKxUK4FopFfCiMGvlfKCgUqmOSvUcDRHnQIBnZGyZa3zsVl38iLIFb1U2YaifmaXkIjSHnUuek%2F%2FeHNWj%2BfTyV8oLm7LMGQodBm9Li368y8o5mWRWVAK6EAzLU4RaDaiXozNahtcJovPr%2F6l6k6Bry"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 670b7e0d6a474e3d-FRA
expires: Sat, 18 Jun 2022 08:07:15 GMT

GET
H3-29 200 fr.png
www.soo-healthy.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 268 B
908 B 43ms
41ms Image
image/png 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.soo-healthy.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274

Request headers

:path: /wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 268
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Feb 2020 09:39:03 GMT
server: cloudflare
etag: "5e58dfb7-10c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXvR0NO2e%2BnZwjncGDBbqW3%2Bdqkctr%2BdIU6SVsAimbssfZBI3K2amLBxGZLfhP0062oAGhtQfI5JR7HcAdaQEdfiaBiokW%2B6NprL%2BrlsriY5Vb1B8iX4DVplFxeMTrJfB7IsqvA2DOZV1Q2zQvjhmN9a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 670b7e0d6a494e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 de.png
www.soo-healthy.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 250 B
891 B 24ms
22ms Image
image/png 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.soo-healthy.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f

Request headers

:path: /wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 250
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Feb 2020 09:39:03 GMT
server: cloudflare
etag: "5e58dfb7-fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfBWDKJrr3hAJ1E6iQNN8IwmAKsAslLgpNWacYFRRlH4Pr%2FI2fzOM20RL46FdZ%2FFxhsvaJ6G5LJ8oQT4%2BbxtoaZzDKa3PBWD%2FvaG4KTx55G1AHPuwubtQSWgwvThVmLYeSUO7ENRft3U2hL31%2FHVlnBG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 670b7e0d6a4a4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 en.png
www.soo-healthy.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 600 B
1 KB 24ms
23ms Image
image/png 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.soo-healthy.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef

Request headers

:path: /wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 600
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Feb 2020 09:39:03 GMT
server: cloudflare
etag: "5e58dfb7-258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqfg8uCn0%2B7K%2F1Xy8GXS4mg5SBbh%2B5HEXSL6uw6Pu54JUbF%2Ba4PC7QDYRSv1EEzkEFqkTUDQHNDGdodDy2EjHd3NKdgQyhppEPwDOrTUGN4HDmXfDsP9epA9fN7CUmgvnfXlUGkQwpid%2BKDAp0X%2FXw76"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 670b7e0d6a4c4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 62ms
21ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0b5b0d1c880000980807b41000000001
last-modified: Tue, 13 Jul 2021 12:14:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ed83be-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZzv%2B02mFerhN%2FS%2BuMn75RWjUAs56D8dkMd0cPf%2FCbfuCidvuc0a4gCIf%2BjmdcIOg7zIVj7HNIiBvghQSUbtYfzib5HmnkgNAr46%2F%2B82baUH8WZfX%2BHmdQl%2F63zYtU2UkzHfcxafoIjPkg42aicyolw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 670b7e0dae3a9808-FRA
expires: Tue, 20 Jul 2021 11:50:26 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 98ms
31ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 20:57:42 GMT
content-encoding: gzip
server: Server
age: 53564
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: HJDQ_J13MpB0okrd1UAc4euAMZtdyOJl
x-amz-cf-id: atVrekAaraNbG6HBfOMKAC-l9u8WByDWiIOmMJ-SUAhO4c6JGTi2hg==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 12ms
0ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.soo-healthy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:05:46 GMT
x-content-type-options: nosniff
age: 481480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 22:05:46 GMT

GET
H3-29 200 bimber.woff
www.soo-healthy.com/wp-content/themes/bimber/css/bimber/fonts/ 5 KB
6 KB 29ms
27ms Font
font/woff 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/css/bimber/fonts/bimber.woff
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/wp-content/themes/bimber/css/styles/original/all-light.css?ver=5.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b9ae6543138288de4ff2206bd21bbfaaf3c8f7a2d69821041245256aad00cc

Request headers

:path: /wp-content/themes/bimber/css/bimber/fonts/bimber.woff
pragma: no-cache
origin: https://www.soo-healthy.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/wp-content/themes/bimber/css/styles/original/all-light.css?ver=5.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.soo-healthy.com
Referer: https://www.soo-healthy.com/wp-content/themes/bimber/css/styles/original/all-light.css?ver=5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2741
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5468
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Jul 2021 12:53:24 GMT
server: cloudflare
etag: "60f18144-155c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FEnZXnNevnXvxZeOfBcWInFTrCakRpV%2BhCtqrX0C2hpT4EJIpDCdRxQJUz5DAgechTVLCMebCH%2BOHXzwrhW0d2%2FHmzoDQ78tuPO%2ByJBOZ5lsU5QeT2xwCHyCogRe1wu6SwHY43o7v32rMHPDO9qDdzF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 670b7e0d7a824e3d-FRA

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 23ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.soo-healthy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 09:11:24 GMT
x-content-type-options: nosniff
age: 441542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 09:11:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.soo-healthy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 494642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 18:26:24 GMT

GET
H3-29 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.soo-healthy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 09:27:55 GMT
x-content-type-options: nosniff
age: 440551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 09:27:55 GMT

GET
H3-29 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CPoppins%3A400%2C300%2C500%2C600%2C700&subset=latin%2Clatin-ext&ver=5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.soo-healthy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:08:26 GMT
x-content-type-options: nosniff
age: 492120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 19:08:26 GMT

GET
H3-29 200 wp-embed.min.js Show response
www.soo-healthy.com/wp-includes/js/ 1 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/wp-embed.min.js?ver=0f548d9a0127fe41da404d3920577415
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=0f548d9a0127fe41da404d3920577415
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aDHeI9dZajzj5Jxoc0cPZhjQrC8Foe0N5ASNrlMSCu8btDd7rd0dF02LV1VoaCWu%2BL688XPO9fX3DUY009dPtUD%2BOYdrwX5FXDBPDqDtDV0NwNK8fy0MdZycdlxpMaLoRZywskYe2sH0MsPps13aDDk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cb24e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 front.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/ 82 KB
18 KB 31ms
30ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/front.js?ver=5.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b23c6e66ffd4dde4f64a24dd865430b5cfc7c70dea9fa6053c17872b0634754

Request headers

:path: /wp-content/themes/bimber/js/front.js?ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1489d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAnGeCyBnVKoPzJNsJqQCNeWPVDksSfJ9ZqQTVobbvFuBFg5h3ufasIkVjwku14wdVsnYeYNmTLT8TF02303%2Btoj%2FMxnHV5rMu7USo7I9JyuA1jnUPjD5HImS1uK3NmExLnVZJM4UEXmzdI6%2B3geS5tZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cb54e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 autocomplete.min.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Request headers

:path: /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-2023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDs4x8T8STKF5sWbiBeYprjUCpPin%2FNnU34oaNNeUsmw1RKwhyl4hKKwudvTeXcvVoMWKU1XgQfkNAL5%2FPikztI8wcZrfWwR4IXu3lU0BJ%2FFM9IAZK9mEiRGYQ7dCMg2hJirPiG8Z5AKTB1fFtuG7Epa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cb94e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 wp-a11y.min.js Show response
www.soo-healthy.com/wp-includes/js/ 627 B
974 B 18ms
17ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/wp-a11y.min.js?ver=0f548d9a0127fe41da404d3920577415
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528a582ea998425535a5dd162b3f7fbc3fe78098a4089a31fec260fbc6c3cc79

Request headers

:path: /wp-includes/js/wp-a11y.min.js?ver=0f548d9a0127fe41da404d3920577415
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-273"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdgLvi5w1JuDofghRO%2F5sid97T9diQWfF8MEBpr4r1nncBuHtVL5a%2F3HRTOzktswHJvsHpygGwVcE8fsultS3Auicec%2F7JrfraeJJ5CUrKma0jIP5%2BpGtgAkYA85B2c0AfZ2%2B5y%2F%2BS7Qd4qZOHSvhbRZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cbb4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 menu.min.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9

Request headers

:path: /wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-2547"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8jQ6dlP6OjpSoiaFY7vZ%2BZB4A5%2BMO3dqIwdv%2Bq8a4fSptQLImR5ewFyhIPwkIjP%2F%2F0KVjtkm9W9ngzLd6iNt6vglCv6REiSWYnWiiSHwdrTl7lQcP%2FNE6XuDr1ynwEY%2B3M28GXahmCa0yWmy9tTN%2FHy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cbc4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 position.min.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ui/ 6 KB
3 KB 25ms
23ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3

Request headers

:path: /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-1928"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Bze0iKMjgpGxjFLQOA02CMeg2INiJ78WF%2FsP21UbM%2Bb7JAjsBy4Y3stTT307fh%2F49FRp81qzIVF1r8mSQOG%2FF%2BR3EuVxxxaiKKz%2FoP0uapKAzPrMR4AJroni28QBfDui0DJA4V%2BclVMh7AIHWRp%2FRFe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7ccc4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 widget.min.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ui/ 7 KB
3 KB 37ms
36ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Request headers

:path: /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-1ab0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdMniUOxlTU3EDdGJKQu8x3AMLieT1obASo4rHIioWodvnXeEBVgQ%2By0qR2SIdBnTzOOGa9ykVd3mrsoYRSInd%2BRWo24JWL5bgCJBLkCS85uRMzj80jdjSDvBfL61nVsT9ikSkwVlTLq4xEeDkhWu079"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7ccd4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 core.min.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 33ms
31ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 11:55:35 GMT
server: cloudflare
etag: W/"607829b7-f59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjiG2FhoKCok4HBBYj0pNixvTab5nFgRH5FaOqlLv%2FCRfjJkO6K2PqQ7Y3qAtZK1g2etzMmvO6ericQ2jdE2dPSsiw7y7KCBKIQvPBghTJLaiVWb1JP9V0yOZ7GHvq5M6QlGCH0XGaOpO6oVgiMF%2FUYE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cce4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 enquire.min.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/enquire/ 2 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Request headers

:path: /wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-8ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3FL4i0Cs%2FnzkxUwjspiZc4%2FDL2EZDalS4eBM1F84U0b%2FFz%2B9Pf%2BpKvFkWBObMaNqTkoHzl2dsTpQdTXzjUmaShzpsYpYxEhPASLYW1jHYhFrU1y%2BHcePXgm5VwrMgpZj8hIgfRCKx1Oh6MLVAAqoExv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd04e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 libgif.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/libgif/ 33 KB
9 KB 23ms
20ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/libgif/libgif.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c68189254b2d5bbfd8454750e7f6a776a3df0a18972340d9cb71d2d8aacc231

Request headers

:path: /wp-content/themes/bimber/js/libgif/libgif.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-854e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNZQzEyMK4csVXfsF6pHjrIExmJOH3bYJSpU3rU2yVEJlIA9jktkIW4yVvr9dxxRYv733datERhDVPUhG%2Fy%2F8IcC7JZdcDbdpUk8astjODQ1d94CznWVXNf%2FMFk3zBwZXvoftA9X9%2BRAqm1CjPS3JeTD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd14e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 jquery.waypoints.min.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
3 KB 28ms
25ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

:path: /wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdCT18y4oBLGH1Jn7d%2Fh2FLrl32yM6U1mzCKKb0TfYDTbpg2zFN8yqJgPg1meh%2BH9ge2lxXMtqH%2BASlWqsTElTOL%2Bs12ggYsgpMbSXHbEow7CgHcbn0d%2BAu5bWdFaAgUspU2UF9TCQMBo6vFIQH6NZmV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd24e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 picturefill.min.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/picturefill/ 8 KB
4 KB 23ms
20ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Request headers

:path: /wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1e1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wmd7DolKUKJalcpRC1GWS%2FgwTzM24vK8SJpsP2P7s6i3PR%2B4hI6YIk0aQTi9E6to3X%2FRFcjGtn5Xwan75jWZhl89tJuf%2Bh088i5QjDqJoT%2FYzHN4bK3CC0o6JVSni0ct%2Fi6yRX%2FYWQguSAaxNFMxe%2FLv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd34e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 matchMedia.addListener.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/matchMedia/ 3 KB
2 KB 28ms
25ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/matchMedia/matchMedia.addListener.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456

Request headers

:path: /wp-content/themes/bimber/js/matchMedia/matchMedia.addListener.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A7BlXh42PQNIQznJA9MFJOwoNGm4cI0YT%2Fiv9K%2BudrWOsDwc1QQ%2B%2FTznCqIxERYtj%2BlsGD5QDCFYQXtkCULvaCzYkbNYM%2FD%2FJf1TRUqzuILqlILLImv6sPvfA0VxziJUzxOhV82Aj4zdUqglZvnOob6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd44e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 matchMedia.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/matchMedia/ 2 KB
1 KB 28ms
25ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/matchMedia/matchMedia.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Request headers

:path: /wp-content/themes/bimber/js/matchMedia/matchMedia.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-6a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfaUjMMFEMBfBLG4TI7wDajmkj8n%2B2O6q6QuOcKMms3WSX8An46jZnHWWPgUnaU6uVX%2FnCJ6n5BDkJ61p4FmDQLtcg69hmUIIVGL25ugGkt2Lh4LFC6uLlvlWQPFDzYViRf%2BiM7Kef0pFl6ucBsJ1PXg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd64e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 jquery.timeago.fr.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/jquery.timeago/locales/ 451 B
871 B 23ms
20ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.fr.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9953f27b27bea302357124bc592dcc4378db075eb607d851600470aea27c9485

Request headers

:path: /wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.fr.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BnKkCU3cbBacpOFuX66cjmYAQBLn0QvfcO2RmRAlM7X%2BRxk6SshWC0Ii6qGEk2mEcUnDl96TIPb2ILuh4TathmW5Qz0jGx0I4%2Fyu466yi0mwozHxeT3%2BgvBXQxz2qzaxGJ%2BnQwSLUCCCiwN%2BNJklwzi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd74e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 jquery.timeago.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/jquery.timeago/ 7 KB
3 KB 28ms
25ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2

Request headers

:path: /wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js?ver=1.5.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1c47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2ofVa7R%2B2N%2Fh747kXcHwTA%2BE8jhGBYGzoB3mCa5FYYbmV1VLL%2FM7J%2Fft7OPNxg8hsfxgW8pbu2uqd2ZwdI5xF14lseZqseadGkdkE%2BSivW4%2F5SyNyT2Y0sLk4zourgvIgiAuGBUTXK8e9tnrOr3qqMX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cd84e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 placeholders.jquery.min.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
3 KB 23ms
20ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Request headers

:path: /wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1555"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vkSEIaMOTnW%2BTZwhehkG7DILEviSQDQCrncMWd8u%2FKVm8ZWW8JvsA%2BHOFBC7QGfaSrVWXXDdeeg99jnak%2FVZcIZqt74xYkrbHEevW9PVTaeifXTltBgrHjP%2BrGR%2FAzPmnCDtpGxj5TFIdp6g93Z%2BlFJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cda4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 stickyfill.min.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/stickyfill/ 6 KB
3 KB 28ms
25ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=1.3.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1edb4dd717d4b084384a9a93c44a6a356f9cc0e8012f94857bc71365c16f0bf

Request headers

:path: /wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=1.3.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbCkRQJzG4EW3Uzi%2F3rrjVyumcKWzgkFsvInJvX3jUTnOi49AKbPXZyzTnHQPsR2zB%2BNj%2BOXVrj9n5GKpdiHtXEwWjPP2YkK8drSMrs0PwstVjMMuTcEMcj5IVA%2BjE5CqK9hHBYqDQsvCkviuGTvhJS0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7cdc4e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 script.js Show response
www.soo-healthy.com/leavy-widget/ 2 KB
1 KB 29ms
25ms Script
text/html 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/leavy-widget/script.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f5b383664db0c060f71b32d174613916b474ce57bd7837606721ab4b844c93

Request headers

:path: /leavy-widget/script.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Sat, 10 Jul 2021 07:26:53 GMT
server: cloudflare
age: 2742
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgxfIPtS7sH4VFFUx4SSjEln2I0OzDlLXLkEvXsk%2BKyA3ZJeNdDohO6Xldt5fx0qfcamouIe1QKMQmfNOUV70BmBeek5fwMMnF8gkivRIKSOVJoXSX%2FLM4yewtcxxuEA0pQFbIpP1soKiF0vEpCOC1jm"}],"group":"cf-nel","max_age":604800}
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=691200
cf-ray: 670b7e0e7cdf4e3d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK spt Show response
tg1.aniview.com/api/adserver/ 14 KB
5 KB 31ms
8ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9b04b5ebd6f660fb99cd2240860eee5d1e315d6fa524e89cde61b02283e4fce1

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 4785
Expires: Sun, 18 Jul 2021 11:55:26 GMT

GET
H3-29 200 modernizr-custom.min.js Show response
www.soo-healthy.com/wp-content/themes/bimber/js/modernizr/ 7 KB
4 KB 38ms
35ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d

Request headers

:path: /wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Jun 2021 00:27:17 GMT
server: cloudflare
etag: W/"60cbe865-1b70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NwRLdxm8A7K3Mhh19oZIs2f%2BemGwVbAUeKBZC4FXQlYPvSCIN6p5%2BFOxDhhMIGtio%2BHkpK%2B1jizlb065hPqRUgwjhrma7G9pCcEnKd2rWyBWq894B47npX5wBsBwxrmSqBd1OonQUcLFngVTe0KrJPc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7ce34e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ 10 KB
5 KB 28ms
25ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Feb 2020 09:39:03 GMT
server: cloudflare
etag: W/"5e58dfb7-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1S279lMGPIXgiS1eYVJNIzcNkAq%2B6vkveJQHPIAYvI0MZE1RwA8Qtbi4j6DgiK5bZX8GwCY1lYn1tJuSRl9lTHITxzhdSaupoPJb5q5Az38ewcXc0vpVCvdXmLCkOxy9jlPBFZpqC1xctirveWqR4F6T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7ce54e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H3-29 200 jquery.js Show response
www.soo-healthy.com/wp-includes/js/jquery/ 95 KB
35 KB 29ms
26ms Script
application/javascript 2606:4700:3034::ac43:ab97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.soo-healthy.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:ab97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.soo-healthy.com
referer: https://www.soo-healthy.com/3559
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2605513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 28 Feb 2020 09:39:03 GMT
server: cloudflare
etag: W/"5e58dfb7-17a6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eArs2XcGdrZIxY5R5cx69r4TPUWOT2OT%2F0fTsqR1sV9U3kw4RPH40BXO0ZoHtcqFg%2F%2BukeUW6WS%2BtjS1QW2IEPVehfI6HiQWmaRUvAdvKXHya336VDFzXdIHKyRHCBlGvNIGWCF0aNxZS9gk6s8sYgQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 670b7e0e7ce84e3d-FRA
expires: Sat, 18 Jun 2022 08:05:13 GMT

GET
H/1.1 200
OK 189871-58777117084169.js Show response
js-sec.indexww.com/ht/p/ 44 KB
15 KB 177ms
62ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/189871-58777117084169.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9f560a88409ec997718aa615b80adaa0baed7fcbe955bb73f6dedeebe649821f

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Jul 2021 11:26:45 GMT
Server: Apache
ETag: "da45f6-b121-5c764187c307c"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2449
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 14936
Expires: Sun, 18 Jul 2021 12:31:15 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 150ms
149ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.soo-healthy.com%2F3559&pubid=ca2c02bc-7201-41d7-a374-7e7473cc842c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.soo-healthy.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: jVCqXENxPoek-L_UkuJTVzDcfYTG-3_nHZ1mEDu0EpscXSIbwzDIGA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 69ms
23ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30679
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Sun, 18 Jul 2021 03:19:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: _4Sae6ynjUAu8HbvzbfFLfc3Z7uQZk9qIan8ra_IFSGHcBVXAwGxYg==

GET
H3-29 200 pubads_impl_2021071301.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 75ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 08:39:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117314
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:26 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 78 B
104 B 78ms
37ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.soo-healthy.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2f670352652471c5e961c1992ed3813a521054aec6e2d5047de73415a6ce4f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:26 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 164ms
54ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=189871&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/189871-58777117084169.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: b435302427cdecf38395d78b46379451fe50ae8353b32fd062a5a20e17f6e864

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.soo-healthy.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 17 Aug 2021 11:50:26 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
224 B 84ms
36ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/189871-58777117084169.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.soo-healthy.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
54 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXTTZMV

Requested by

Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ef11f7269dfe7b65572d72528dff56929869c76e8c49df15083959e1a92d4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54786
x-xss-protection: 0
last-modified: Sun, 18 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Jul 2021 11:50:26 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 25 KB
9 KB 23ms
8ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ed9d8a85752444c07d53491a1737889b4d86e194b64eaae1ed0bb8789e1ed0ea

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsye83F27IwfGexeIpCyU2TWyY9XPUBFWjhQpckqidZi6LVwTElqcOwZoE-iWZo3nVsLj1lueD6xbjra3IZGp1arYwxeA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9069
last-modified: Wed, 14 Jul 2021 08:58:57 GMT
server: UploadServer
etag: "f09c55abc97d0f3f7ffc23768917498d"
vary: Accept-Encoding
x-goog-hash: crc32c=NDtfSg==, md5=8JxVq8l9Dz9//CN2iRdJjQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253137486582
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9069
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 18 Jul 2021 11:55:26 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 373ms
123ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=602bf4005a444e531c1b7814&cid=6061ef6e7591bb462e199484&cb=1626609026553&r=www.soo-healthy.com&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 7958 344 KB
98 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduaDgPkp_R4LCB6X0nkLqtQRAGmWpF51Ckil2fG4W5xfkIAHKuFEF1VpjBSyXZNRUlxFUGRvikgiqoAdEmOLXvUWRKXhQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 99395
last-modified: Wed, 14 Jul 2021 08:58:16 GMT
server: UploadServer
etag: "ae36937a7d404d46344fcd812980641d"
vary: Accept-Encoding
x-goog-hash: crc32c=GfSxwg==, md5=rjaTen1ATUY0T82BKYBkHQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253096644759
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 99395
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 18 Jul 2021 11:55:26 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 279ms
125ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.soo-healthy.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&apppkg=&fv=3&proto=https&pid=602bf4005a444e531c1b7814&cid=6061ef6e7591bb462e199484&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&e=inventory&vi=100&cb=1626609026649
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
4 KB 370ms
132ms XHR
application/json 18.208.241.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.soo-healthy.com%2F3559&AV_PUBLISHERID=602bf4005a444e531c1b7814&AV_CHANNELID=6061ef6e7591bb462e199484&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.soo-healthy.com&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=6061ffcc67d72b4ad8345434&AV_TEMPLATE=602bffb67cace41603668460&v=6.1.1.243&avtoken=26649&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1626609026664
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.241.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-241-4.compute-1.amazonaws.com
Software: /
Resource Hash: 3740db08818b0f0486beb99ae6167c0177f009252e2d9237d9289f86f4b4eebb

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.soo-healthy.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Tue, 06 Jul 2021 22:03:46 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
435 B 179ms
61ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=502002&u=https%3A%2F%2Fwww.soo-healthy.com%2F3559&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/189871-58777117084169.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:26 GMT
X-AK-INITIAL-GEO: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.236.201.228], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.soo-healthy.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 18 Jul 2021 11:50:26 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 989B
Redirect Chain

https://pixel.advertising.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
https://ups.analytics.yahoo.com/ups/58246/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a&verify=true
https://sync.aniview.com/cookiesyncendpoint?biddername=25&pid=59c9148628a0612da3689288&key=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

0
305 B

201ms
118ms

Document
text/plain

34.192.164.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=25&pid=59c9148628a0612da3689288&key=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-164-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?biddername=25&pid=59c9148628a0612da3689288&key=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.soo-healthy.com/3559
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1626609026957-975664409562-008546-009-008286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-length: 0
set-cookie: 2_C_25=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a; Path=/; Domain=aniview.com; Expires=Mon, 19 Jul 2021 11:50:27 GMT; Secure; SameSite=None 2_C_25=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a; Path=/; Expires=Mon, 19 Jul 2021 11:50:27 GMT; Secure; SameSite=None

Redirect headers

Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: IDSYNC=18xy~1zbn;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Tue, 19-Jul-2022 11:50:27 GMT;Secure;SameSite=None APID=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a;Version=1;Domain=.yahoo.com;Path=/;Max-Age=14386172;Expires=Sat, 01-Jan-2022 00:00:00 GMT;Secure;SameSite=None APIDTS=1626609027;Version=1;Domain=.yahoo.com;Path=/;Max-Age=86400;Expires=Mon, 19-Jul-2021 11:50:27 GMT;Secure;SameSite=None A3=d=AQABBIMV9GACECW5C4MoJaZBVQIkYuLeepUFEgEBAQFn9WD9YAAAAAAA_eMAAA&S=AQAAAqMADC4ggCYas73QsZugx-I; Expires=Mon, 18 Jul 2022 17:50:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=9aumus9gf85c3&b=3&s=4u; Expires=Mon, 18 Jul 2022 17:50:27 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=25&pid=59c9148628a0612da3689288&key=y-KeQqY2pE2uHlg3MCzOVKXl.LTkzFF30f~A~UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
Age: 0
Connection: keep-alive
Server: ATS/7.1.2.128

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 991F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D22%26key%3D%7BPUB_USE...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D22%26key%3D%7BP...
https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=22&key=3fa80426-4fd3-43fd-99b4-d06ed3e6a866

0
240 B

359ms
117ms

Document
text/plain

34.192.164.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=22&key=3fa80426-4fd3-43fd-99b4-d06ed3e6a866
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-164-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=22&key=3fa80426-4fd3-43fd-99b4-d06ed3e6a866
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.soo-healthy.com/3559
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1626609026957-975664409562-008546-009-008286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-length: 0
set-cookie: 2_C_22=3fa80426-4fd3-43fd-99b4-d06ed3e6a866; Path=/; Domain=aniview.com; Expires=Mon, 19 Jul 2021 11:50:27 GMT; Secure; SameSite=None 2_C_22=3fa80426-4fd3-43fd-99b4-d06ed3e6a866; Path=/; Expires=Mon, 19 Jul 2021 11:50:27 GMT; Secure; SameSite=None

Redirect headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=22&key=3fa80426-4fd3-43fd-99b4-d06ed3e6a866
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 4493
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008286%26biddername%3D200%26key%3D%5BRX_UUI...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1431320208
https://sync.1rx.io/usersync/tradedesk/ebb69b3d-70b2-400c-a997-e06cbd67dafc
https://sync.targeting.unrulymedia.com/csync/RX-46961e77-2830-4703-9064-48990a1e00ec-003?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1626609026957-975664409562-008546-009-008...
https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=200&key=RX-46961e77-2830-4703-9064-48990a1e00ec-003

0
250 B

128ms
117ms

Document
text/plain

34.192.164.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=200&key=RX-46961e77-2830-4703-9064-48990a1e00ec-003
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-164-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=200&key=RX-46961e77-2830-4703-9064-48990a1e00ec-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.soo-healthy.com/3559
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1626609026957-975664409562-008546-009-008286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-length: 0
set-cookie: 2_C_200=RX-46961e77-2830-4703-9064-48990a1e00ec-003; Path=/; Domain=aniview.com; Expires=Mon, 19 Jul 2021 11:50:27 GMT; Secure; SameSite=None 2_C_200=RX-46961e77-2830-4703-9064-48990a1e00ec-003; Path=/; Expires=Mon, 19 Jul 2021 11:50:27 GMT; Secure; SameSite=None

Redirect headers

server: Tengine
date: Sun, 18 Jul 2021 11:50:27 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-46961e77-2830-4703-9064-48990a1e00ec-003%22%7D; path=/; expires=Mon, 18 Jul 2022 11:50:27 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.aniview.com/cookiesyncendpoint?auid=1626609026957-975664409562-008546-009-008286&biddername=200&key=RX-46961e77-2830-4703-9064-48990a1e00ec-003
etag: RX46961e7728304703906448990a1e00ec003

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 7958 282 KB
89 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 60c420151119c997eb9f8c8c7ab0771775980aeba9e8c1deb96aaff93984c1e9

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvF1Y7SNk-aFpXWt86YLEeogYaBbO96qQO3uEYCijroD8SeXBpL96XLNojzbVwvbBfIk3BhNQgSAuh4b_L-sZCPGV3--A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 14 Jul 2021 08:57:34 GMT
server: UploadServer
etag: "23919fad16ba2ca2bfd55694eeae525a"
vary: Accept-Encoding
x-goog-hash: crc32c=AxQ1eQ==, md5=I5GfrRa6LKK/1VaU7q5SWg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253054480425
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 18 Jul 2021 11:55:27 GMT

GET
H2 200 avpb3a1.js Show response
player.aniview.com/script/6.1/ Frame 7958 74 KB
24 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ce9e4cc5d3b0fcfb20a038cdbdb7df974b3facc5caece06ec645bcfd9839c96

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsN7LjsVkL-P0RB8tKAo7qkaCCq9E1sDkCWmQWengk9QebsdFa4ZMYF9u-jOxT7Gfxms7202CSkbQmrR70i8JZoeEZ_2w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 23854
last-modified: Wed, 14 Jul 2021 08:58:03 GMT
server: UploadServer
etag: "89114caa5818602b235591a251da6ac7"
vary: Accept-Encoding
x-goog-hash: crc32c=EOzNRA==, md5=iRFMqlgYYCsjVZGiUdpqxw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253083112240
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 23854
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 18 Jul 2021 11:55:27 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 7958 123 KB
33 KB 27ms
27ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 20:57:42 GMT
content-encoding: gzip
server: Server
age: 53565
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: HJDQ_J13MpB0okrd1UAc4euAMZtdyOJl
x-amz-cf-id: PIpd-uUrvQZN0WEmUuhph_08DPNa81m_RqhigCNQmg_n5DMk19xXOQ==

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
123ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&nid=602bf4005a444e531c1b7814&ncid=6061ef6e7591bb462e199484&e=request&cb=1626609027051&asid=6086b9bd9d898f232a463677%2C6061f000260db65bad44bc65%2C60ca01bc4b83a85f48584ee6%2C60631362089daf1f88064c5a&ofpr=%2C1%2C1%2C1&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&&copid=602bf4005a444e531c1b7814&nid=59c9148628a0612da3689288&cocid=6061ef6e7591bb462e199484&ncid=608ae844bab356187b597498&coasid=608ae873e143d0187c6b0595&e=request&cb=1626609027051&asid=609114a546161a4cad024775%2C609b913fec6d95371b2d9ce9%2C608fab6f1db36035e40f3e63%2C609cf81c4fdbb0567c32dcd0%2C60a6235149f90734df270dac&ofpr=%2C%2C1.6%2C2%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
5ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210718

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbc6988a47a348b00501ea7336494748360fd983cc59d77fa35de27a593ce78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31364
x-jsd-version: 1.0.1041
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 953
etag: W/"69f-xjw2EVlzaQCXXlwVaMAaO8oJWJY"
x-served-by: cache-fra19169-FRA
x-jsd-version-type: version
date: Sun, 18 Jul 2021 11:50:27 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 109ms
45ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b62c82bf4330bb132014a8f81a4fdca1c3c73f2f224b575f627fdcaed9fa678e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:27 GMT
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0fb865f8-4694-4607-9836-9046b1787213
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.soo-healthy.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
220 B 330ms
240ms XHR
application/json 3.120.211.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=BroMedia
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.soo-healthy.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 avjp Show response
aniview-d.openx.net/v/1.0/ 106 B
480 B 148ms
86ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aniview-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.soo-healthy.com%2F3559&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3c99bc9b-6152-402b-9f8d-7596ddef707c&nocache=1626609027107&schain=1.0%2C1!aniview.com%2C602bf4005a444e531c1b7814%2C1%2Caf356164360fe5cb1428c17490090e41_1723156107%2CBro%20Media%20Limited%2Cbro-media.net&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=544053471&vwd=640&vht=360&vos=101&aumfs=2000
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
via: 1.1 google
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.soo-healthy.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
452 B 209ms
120ms XHR
application/json 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNjQxMzkmcHJpY2VUeXBlPW5ldCZtaW5wPTEmY2RpbXM9NjQweDM2MCZ0cmFuc2FjdGlvbklkPWMxMWFjZGQ2LWM0ODUtNGEzYS1hNTkwLWY5YjE3NDVjNjI2NSZyY3VyPVVTRA%3D%3D&pt=net&stid=2829136a-0331-483c-897a-556589045ff5&fd=1&url=https%3A%2F%2Fwww.soo-healthy.com%2F3559

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.soo-healthy.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
220 B 366ms
250ms XHR
application/json 3.120.211.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=AniViewHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.soo-healthy.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
688 B 147ms
89ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=649762&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%221130eb500fae7f1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.soo-healthy.com%2F3559%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22127f96aeedd0cd9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22649762%22%2C%22sid%22%3A%22640x360%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A360%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5248aed97d32d112032485001e69d9892f38ab3492db5f597f4ca337eb008f14

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.236.201.228], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.soo-healthy.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 45
x-ak-client-geo: 12
expires: Sun, 18 Jul 2021 11:50:27 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 32ms
32ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.soo-healthy.com%2F3559&pubid=ca2c02bc-7201-41d7-a374-7e7473cc842c
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:26 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
server: Server
age: 1
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.soo-healthy.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: M23rkjw8g5FFv1HKB1xc8Q3yA3416LAzt27MiqgzELHldMJZFbBgUA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 151 B
529 B 158ms
157ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.soo-healthy.com%2F3559&pid=yoGSwD37HHP9h&cb=0&ws=0x0&v=7.67.00&t=8000&slots=%5B%7B%22id%22%3A%22SH_video%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=0&pubid=ca2c02bc-7201-41d7-a374-7e7473cc842c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: ce22eafb4be807fdeeb182461e9024106a4f5d1cd78c08dd9e56241b0896c544

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.soo-healthy.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 150
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-id: UuCizmJpM0S99nR7X2_QN16RyJcVsLYoAQ4lS2VPNVOkv5MirW-Jvw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
24ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30680
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Sun, 18 Jul 2021 03:19:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: tBvkREIHuFR-nzb1GJ05ffvNDJNlV7nAyVgvmH2i3a5pZeTBZCeDuw==

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame AECD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t

273 B
954 B

216ms
216ms

Document
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 3231f5c502d8800ca081581154af09abb6bf371b229b50a3153390ba49d06e42

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.soo-healthy.com/3559
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

Server: Server
Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 217
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 11:50:27 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 11:50:27 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t
Set-Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 11:50:27 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&&copid=602bf4005a444e531c1b7814&nid=59c9148628a0612da3689288&cocid=6061ef6e7591bb462e199484&ncid=608ae844bab356187b597498&coasid=608ae873e143d0187c6b0595&e=bid&cb=1626609027480&asid=609114a546161a4cad024775%2C609b913fec6d95371b2d9ce9&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FFBC 340 KB
117 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119593
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:27 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6762 340 KB
117 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119593
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:27 GMT

GET
H3-29 200 bridge3.471.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame D392 577 KB
189 KB 21ms
8ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.471.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.soo-healthy.com/3559
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193844
date: Thu, 15 Jul 2021 13:09:45 GMT
expires: Fri, 15 Jul 2022 13:09:45 GMT
last-modified: Tue, 13 Jul 2021 20:58:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 254442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FFBC 44 KB
17 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFBC 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.soo-healthy.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.471.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6229 577 KB
189 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.471.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.soo-healthy.com/3559
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193844
date: Thu, 15 Jul 2021 13:09:45 GMT
expires: Fri, 15 Jul 2022 13:09:45 GMT
last-modified: Tue, 13 Jul 2021 20:58:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 254442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6762 44 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 18 Jul 2021 11:50:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6762 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.soo-healthy.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Jul 2021 11:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 815C 36 KB
13 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 18 Jul 2021 12:11:10 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D4BE 36 KB
12 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 18 Jul 2021 12:11:10 GMT

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 2BB0 2 KB
967 B 63ms
63ms Document
text/html 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a1343e259c153b2377aef5294748120cce8834d16e8b4486794917daabff816d

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&dcc=t

Response headers

Server: Server
Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 606
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D392 25 KB
7 KB 302ms
301ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F170737076%2FVideo%2Faniview.com%2Fsoo-healthy.com&description_url=https%3A%2F%2Fsoo-healthy.com&env=vp&correlator=3714001953278086&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&max_ad_duration=30000&unviewed_position_start=1&cust_params=posA%3D2&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=568445600&sdk_apis=2%2C8&sid=F9A8A4B7-5D37-4451-A555-2EF4B7AFDB79&eid=44736285&url=https%3A%2F%2Fwww.soo-healthy.com%2F3559&dt=1626609027790&cookie_enabled=1&scor=2076105581686663&ged=ve4_td1_tt0_pd1_la1000_er1028.1302.1184.1590_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c071ab90a752101d8e04ed2c9004ab97f626ddae93b775c82151795e0a54d616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6732
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6229 26 KB
7 KB 249ms
248ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Aniview%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.soo-healthy.com%2F3559&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1869372756620632&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3190487097&sdk_apis=2%2C8&sid=DB8DFC27-23B1-4703-B47F-C995B5EF1D23&eid=44730464%2C44737473&url=https%3A%2F%2Fwww.soo-healthy.com%2F3559&dt=1626609027798&cookie_enabled=1&scor=1465755576166303&ged=ve4_td1_tt0_pd1_la1000_er1028.1302.1184.1590_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d0a2f073c3451ecc8a692e20bf14b655f40538e18b6186474e9e9ef6d13299c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6943
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 606D 2 KB
3 KB 154ms
56ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 86979f9dcafdd2577084f9c35465da282de5ef01ffbd44c5d51d5a70944d0780

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YPQVgz6iqO69Kz0OboDlFwAA; CMDD=AAeo8gE*; CMST=YPQVg2D0FYMB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|241|39|195|51|221|88
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1896
Expires: Sun, 18 Jul 2021 11:50:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:27 GMT
Connection: keep-alive
Set-Cookie: CMID=YPQVgz6iqO69Kz0OboDlFwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Jul 2022 11:50:27 GMT CMPS=5223;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Oct 2021 11:50:27 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Oct 2021 11:50:27 GMT CMRUM3=dd60f415832760&2d60f4158305a0&f160f4158305a0&e660f415832760&2760f415830b40&5860f4158305a0&3360f4158305a0&c360f4158305a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Jul 2022 11:50:27 GMT CMDD=AAeo8gE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 11:50:27 GMT

GET
H2 403 tamptsync Show response
sync-amz.ads.yieldmo.com/ Frame D030 243 B
481 B 403ms
369ms Document
application/xml 2600:9000:21f3:7000:0:70b1:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7000:0:70b1:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b12588e1df34c006aeb85347f5d4ed740ae9257e3df8a7ad747bf208f1e58aed

Request headers

:method: GET
:authority: sync-amz.ads.yieldmo.com
:scheme: https
:path: /tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: application/xml
date: Sun, 18 Jul 2021 11:50:28 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: FVr32H2b6LnVtnA6WWEBIkykUKqViLgJLfZ5eNdrwqUCFZJh9_FdxQ==

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame E299 628 B
726 B 40ms
39ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 56832ad43e634d46d48c2cd9cc7ad80121b042bdddaaa3bd67af5fb0ce109d5c

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7a08fe0e-fb9d-0e27-1d46-40dfa4309d3a|1626609027
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=7a08fe0e-fb9d-0e27-1d46-40dfa4309d3a|1626609027; Version=1; Expires=Mon, 18-Jul-2022 11:50:27 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626609027|gen0vNiygu; Version=1; Expires=Mon, 02-Aug-2021 11:50:27 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 18 Jul 2021 11:50:27 GMT
content-type: text/html
content-length: 394
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame 9482 0
0 98ms
65ms Document
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sun, 18 Jul 2021 11:50:27 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 79AE
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5711895052350190188&ex=appnexus.com

43 B
344 B

65ms
65ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5711895052350190188&ex=appnexus.com
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5711895052350190188&ex=appnexus.com
AN-X-Request-Uuid: 7c8c6b37-df9d-46b1-a779-3c711c5ec6f3
Set-Cookie: uuid2=5711895052350190188; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 16-Oct-2021 11:50:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame AC16
Redirect Chain

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4354449395726896665

43 B
344 B

115ms
64ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4354449395726896665
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 18 Jul 2021 11:50:27 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=4354449395726896665; Domain=.turn.com; Expires=Fri, 14-Jan-2022 11:50:27 GMT; Path=/; Secure; SameSite=None
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=4354449395726896665
content-length: 0
date: Sun, 18 Jul 2021 11:50:27 GMT

GET
H/1.1

200
OK

Cookie set amazon Show response
ap.lijit.com/beacon/ Frame C9FE
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

1 KB
1 KB

108ms
108ms

Document
text/html

23.92.190.69
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.69 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 142cd25d0b899ad93ac0ddd4c17cd451d804a4f42f07fc53b3cb89f6f55e9366

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=266c78837ec011d0eee18554
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 18 Jul 2021 11:50:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJyrVjI0U7IyNDMytzC0MDOy0FEyRuUaofFNDQwMUUUsDZD5tQCtZRCi;Path=/;Domain=.lijit.com;Expires=Mon, 18-Jul-2022 11:50:28 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=266c78837ec011d0eee18554;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap3ewr1

Redirect headers

Server: nginx
Date: Sun, 18 Jul 2021 11:50:28 GMT
Content-Length: 0
Set-Cookie: ljt_reader=266c78837ec011d0eee18554;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap3ewr1

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 14C3
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4578994905302910181

43 B
344 B

65ms
54ms

Document
image/gif

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4578994905302910181
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-index_ym_ox-db5_cnv_an-db5_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AxlR2agO90ZBsXGfedfd7JE; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Sun, 18 Jul 2021 11:50:28 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

date: Sun, 18 Jul 2021 11:50:27 GMT
content-length: 0
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=4578994905302910181
set-cookie: tluid=4578994905302910181; Max-Age=7776000; Expires=Sat, 16 Oct 2021 11:50:27 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame E299 43 B
344 B 178ms
59ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=f172bd2a-4eb0-8a2a-879e-0aa0a8246527
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E299
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MFt0VjdeKlErDiIANwk_UTZfJFErCiBVNF5ifLfo

43 B
122 B

39ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MFt0VjdeKlErDiIANwk_UTZfJFErCiBVNF5ifLfo
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MFt0VjdeKlErDiIANwk_UTZfJFErCiBVNF5ifLfo
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E299
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162634916303939606

43 B
106 B

40ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162634916303939606
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162634916303939606
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E299 70 B
264 B 55ms
54ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a9a4c157-521a-31d0-4790-8837c017aec7&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E299
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVjYjEyOWQtOWI2ZC02Zjc0LTUyNzAtZDI4ZTBhZjU2MGE3
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVjYjEyOWQtOWI2ZC02Zjc0LTUyNzAtZDI4ZTBhZjU2MGE3&google_tc=

170 B
188 B

72ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVjYjEyOWQtOWI2ZC02Zjc0LTUyNzAtZDI4ZTBhZjU2MGE3&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODVjYjEyOWQtOWI2ZC02Zjc0LTUyNzAtZDI4ZTBhZjU2MGE3&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E299
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBHiaFjVD6I8mTdVL-eKbg&google_cver=1

43 B
106 B

40ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBHiaFjVD6I8mTdVL-eKbg&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDBHiaFjVD6I8mTdVL-eKbg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 03B5 2 KB
1 KB 56ms
56ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.soo-healthy.com/3559
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 18 Jul 2021 11:50:28 GMT
Connection: keep-alive

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 826E 646 B
693 B 40ms
39ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 1cdf315777c68db6cf3604dcb5974006042bbd77947730dfb9bbfd443b3e3e90

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.soo-healthy.com/3559
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7a08fe0e-fb9d-0e27-1d46-40dfa4309d3a|1626609027; pd=v2|1626609027|gen0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=7a08fe0e-fb9d-0e27-1d46-40dfa4309d3a|1626609027; Version=1; Expires=Mon, 18-Jul-2022 11:50:27 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626609027|kigqiyommOgevNgunsn0gi; Version=1; Expires=Mon, 02-Aug-2021 11:50:27 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 18 Jul 2021 11:50:27 GMT
content-type: text/html
content-length: 382
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5ADC 52 KB
17 KB 148ms
53ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.soo-healthy.com/3559
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIoNZ3EAoYASABKAEwg6vQhwY4AUABSAEQg6vQhwYYAA..; uuid2=5711895052350190188
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.soo-healthy.com/3559

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Mon, 19 Jul 2021 11:50:30 GMT
Date: Sun, 18 Jul 2021 11:50:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1ODAwZWMzZi1lN2JlLTExZWItYjJjNC0wMjNjYzliZTcyOWE%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESECUbn_QDx1UCpz_ONVfaGgU&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESECUbn_QDx1UCpz_ONVfaGgU&google_cver=1&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

0
1 KB

44ms
36ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESECUbn_QDx1UCpz_ONVfaGgU&google_cver=1&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESECUbn_QDx1UCpz_ONVfaGgU&google_cver=1&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
date: Sun, 18 Jul 2021 11:50:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=ebb69b3d-70b2-400c-a997-e06cbd67dafc&_origin=1&gdpr=1&gdpr_consent=

0
234 B

110ms
94ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=ebb69b3d-70b2-400c-a997-e06cbd67dafc&_origin=1&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=ebb69b3d-70b2-400c-a997-e06cbd67dafc&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YPQVhAAC2n2KewAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPQVhAAC2n2KewAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

0
1 KB

35ms
35ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPQVhAAC2n2KewAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPQVhAAC2n2KewAC&_origin=0&gdpr=0&gdpr_consent=&_test=YPQVhAAC2n2KewAC&apid=UP5800ec3f-e7be-11eb-b2c4-023cc9be729a
date: Sun, 18 Jul 2021 11:50:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 606D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL2KBdSfiEO0HokFAlIo3os&google_cver=1

43 B
315 B

80ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL2KBdSfiEO0HokFAlIo3os&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEL2KBdSfiEO0HokFAlIo3os&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 606D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPQVgz6iqO69Kz0OboDlFwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKblW_ddrkD6ETa36y4CjuE&google_cver=1

43 B
1 KB

156ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKblW_ddrkD6ETa36y4CjuE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKblW_ddrkD6ETa36y4CjuE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 606D 43 B
932 B 367ms
125ms Image
image/gif 52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: J23E497V8H38WQGVJH5H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 606D 70 B
264 B 55ms
53ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YPQVgz6iqO69Kz0OboDlFwAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 606D
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-97cebd39-5b6e-4319-a06f-32b30aaffbdc

43 B
1 KB

61ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-97cebd39-5b6e-4319-a06f-32b30aaffbdc
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-97cebd39-5b6e-4319-a06f-32b30aaffbdc
date: Sun, 18 Jul 2021 11:50:28 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 606D
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=index&bsw_custom_parameter=038ebc22-9900-42dc-8ad0-8c492131583e
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=index&expires=10&bsw_param=038ebc22-9900-42dc-8ad0-8c492131583e
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=038ebc22-9900-42dc-8ad0-8c492131583e

43 B
1 KB

806ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=038ebc22-9900-42dc-8ad0-8c492131583e
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:29 GMT

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=038ebc22-9900-42dc-8ad0-8c492131583e
date: Sun, 18 Jul 2021 11:50:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 606D
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139?gdpr_consent=&us_privacy=&gdpr=
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139?gdpr_consent=&us_privacy=&gdpr=

49 B
739 B

71ms
71ms

Image
image/gif

34.251.130.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139?gdpr_consent=&us_privacy=&gdpr=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.162
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPQVgz6iqO69Kz0OboDlFwAA%261139?gdpr_consent=&us_privacy=&gdpr=
cache-control: no-cache
x-server: 10.45.31.92
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 606D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YPQVhAAC2luKcwAC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPQVhAAC2luKcwAC&_test=YPQVhAAC2luKcwAC

43 B
1 KB

73ms
60ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPQVhAAC2luKcwAC&_test=YPQVhAAC2luKcwAC
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626609028.267127,VS0,VE0
x-served-by: cache-fra19123-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YPQVhAAC2luKcwAC&_test=YPQVhAAC2luKcwAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 606D 43 B
344 B 78ms
64ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 3d63a713-c2b6-a399-7647-9ec23f40638e
pr-bh.ybp.yahoo.com/sync/openx/ Frame 826E 43 B
922 B 105ms
37ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/3d63a713-c2b6-a399-7647-9ec23f40638e?gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 826E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OtSDdrBu1M55ju5

43 B
106 B

39ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OtSDdrBu1M55ju5
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-09783869e9eb9ec2d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=OtSDdrBu1M55ju5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 826E
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=391f6a7d-82b1-43ab-9b6d-034a64691e33&ssp=openx&user_group=1
https://us-u.openx.net/w/1.0/sd?id=537072968&val=038ebc22-9900-42dc-8ad0-8c492131583e

43 B
106 B

40ms
40ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=038ebc22-9900-42dc-8ad0-8c492131583e
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:29 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=038ebc22-9900-42dc-8ad0-8c492131583e
date: Sun, 18 Jul 2021 11:50:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 826E
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5711895052350190188

43 B
106 B

41ms
40ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5711895052350190188
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e22b3616-5731-49fb-96c8-8b33f8c54ee9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5711895052350190188
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 826E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYVVVN0I2Q3NBQUVCUl9QMWZKZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaUU7B6CsAAEBR_P1fJg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACaUU7B6CsAAEBR_P1fJg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACaUU7B6CsAAEBR_P1fJg&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACaUU7B6CsAAEBR_P1fJg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=158370571286431338
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACaUU7B6CsAAEBR_P1fJg

43 B
106 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACaUU7B6CsAAEBR_P1fJg
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:30 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACaUU7B6CsAAEBR_P1fJg
Date: Sun, 18 Jul 2021 11:50:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 826E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=274e60f4-1584-4f00-9ac7-b1fecdb71bf8

43 B
106 B

39ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=274e60f4-1584-4f00-9ac7-b1fecdb71bf8
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 18 Jul 2021 11:53:16 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=274e60f4-1584-4f00-9ac7-b1fecdb71bf8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 18 Jul 2021 11:53:15 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 5109 2 KB
3 KB 59ms
58ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 71e94091c42ce2b0e0bcac6f831d4877cf170ca6bcdca3c2c9de0970a63cd21f

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YPQVgz6iqO69Kz0OboDlFwAA; CMDD=AAeo8gE*; CMST=YPQVg2D0FYMB; CMPS=5223; CMPRO=1139; CMRUM3=dd60f415832760&2d60f4158305a0&f160f4158305a0&e660f415832760&2760f415830b40&5860f4158305a0&3360f4158305a0&c360f4158305a00
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|46|130|3|190|206|40|105
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1543
Expires: Sun, 18 Jul 2021 11:50:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Connection: keep-alive
Set-Cookie: CMID=YPQVgz6iqO69Kz0OboDlFwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Jul 2022 11:50:28 GMT CMPS=5223;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Oct 2021 11:50:28 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Oct 2021 11:50:28 GMT CMST=YPQVg2D0FYQB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 11:50:28 GMT CMDD=AAeo8gE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 19 Jul 2021 11:50:28 GMT CMRUM3=2760f415830b40&2e60f4158405a0&6960f4158405a0&2d60f4158305a0&0360f4158405a0&f160f4158305a0&4960f4158405a0&ce60f4158405a0&c360f4158305a00&5860f4158305a0&3360f4158305a0&8260f41584a8c0&e660f415832760&2860f4158405a00&dd60f415832760&be60f4158405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 18 Jul 2022 11:50:28 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6229 25 KB
13 KB 176ms
79ms XHR
text/xml 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CHI7VnbcN2JHhjXKm8athUR3P718aHnp7RPjwz-P65CjoL34pmprJYPsLH7lvGD6-9vt9ScAFxiBBDpu51cjf1VaT1QA&dbm_d=AKAmf-D5fYifbaZ4hGdgZERmWz1nR3Esk1LNC6ogvqEgOK0DfBy3SY2Eoqh0eRLsTy2pcRfT7_q4fuAaAJY2NxO8w5arNCjoomtez0lHr8bwqUmxaXRCHM3XeV-wjKtDrGQ_ER7pEWqhj9FeWWOt1eR7XNCytBdfZQ81yCDtsLuCMf871UwZYZ_3dSKcw0_0dbyQRhLPNZPAzmfkxQgt46grgzsgFrorAaa2PS3eeH8EOtugrPj7fr30jel4uUFsnGQ7QuQ7nNey83KF6i3f0XuB0kdiPe8IxWJtQ-F31bnnLxvXcMTmx6LL_LSLxrzvPx8tQjZF9Ey2T08GYcOb9sEWWQ-tdZUqRBDWvvu9fJ8tU4IEAk61F6eBIgpaNJKnl6fwxfxzw7L1bYfrl80FcB7iB5tiOU7hMHZJvd-ddYIi1YFhsB3SVJ3r8LdnxiwNZLQbpxzjqhfdnf8r2pnUVUJ5_4PCY7rRJn-NNCujNKnYIWi7Vats0p_nFec5N7lwzLPUwnK-VkbtcBSgPyjcZY9jl6aFhprQS025rr07MCiJ8Ud-RKyRXZ6caHhGAJKAH9UsCet__jmOvamGzP94sK8htucFrkuqG5p1AyPH5U5Twc6MeGwkDl1R8ha-JDN9im-KpvTFgPNQGisXb9VMYWFPqObtPLxHcshiin0aXvUENls_9tmZVCg1On002h9XGllCHKwDHz0R4D0fx-2UzEjAyb70mf0W236IseDyoT_TDN8RqNoLzv9opJl8UQuOa1CgIcPTQcSEcPSj5iwcaRzXyrNXcWszVEe-Qd7HQhjdfdUu9Gkn_XYNMHgyIkMdejCxqn3W4TExjHXhV8k9Yn3ruu42cUmyfnYB-q7xuu-jjn1vaIW8GDbGq0EHb4H891IpmRAEkgs_trzFK7EyChyFbke2zVDkppSytq1Fcux6NxjDOHyfkWkdU1LXoYagZKxeAqNHh_SMW_rRXvPB4vKkG0GbPeuPW119fx-B1eDXs84B76hQGaaHRzOgsP8uDDCDguc3ogRnjSEAFEVzf_gLylikEPNLbtC4Dtb1cyKE64y-Lcb3IL2niYHXCkLhe2jKOZW2JjUBVLER_Y2dNrJpqnftLCT2Vxod4O1wA2t-V5pMh8dU-XYAGORzrrIJGJ6DGNOH4I8OTQdvtycgzfI1ihcbuPqfKZdVugkAJD3e6GAIWG-tWy1S0ai1eNVDlL7BSdVZhAl5GxpXoAmnMmsSRSkUxKAq7qXVam9tduuLBKzIQvtXIUgL7vj8t4aoWF2M9ZvczWx7Q4n3_wlEegSYslCCWY-Ur0GAfU3_zNLNSdqJVWr8at9zokzQ24QQDDOSHukq8Q0B1fOP0PETYpT2yVBQFohQ1aDEXCKefKGeMWGC7fubyqR4Z2mb_k16dgYfhgAGxnZCW_awTYutlrFfnLJYoL3FuUlN4-aqAOw_-IVCodCNPer3K1Z3EKO6AgZ7pCOjMPGCrwODVbsznHXM84VvCfN5DiTc5nVP795awFSDbsBHLHRRMTsEQuta5iM1e-0S1qxCwTvXP85bwC-eSkcpa2e8Yvf1DWjpNwgsnXD5WF0DwIa-6GCFzV7gpEFU4M1hP9cjQpPhBkjGA2wwA6byNEoMWDf4O0JzIhVigSJdAkx7Mz336xTL7EBcQKwmZfXI0p2zMw1sgkaUKQpa_srnBhHyNhiGBW-baZGFgStffsPYiojNaQvzbRVAS_a0FrZB3VZNwhb--zpdluaiYg2qd1sd9tXDur4fiCtYODBG767geHFIY3CpUJcSmX9I2m3uCabbHQGqjK0LDFk2bE80uBTeI5tF2FgPhFiMHFNflLLHFdhdlbdoBWHOi8pfZ0MVy-ziZKJ31vLsy9nZvusLFQmyUHLBZj9LNldScRSXaDIqiZjJ7Y6toJKJbDheRNV4AXOZIum-Pc67gufbr8-tdmqdxJiMtapuVeyTju6yEfA66AhK1BG48Bgpl3H7Bvj-9j_HFsuuZrPlqEKClBe39oAuV07bpr_WdUC0QqOy4JFFeO6YfCbccMqcLSqZaPJEK-Muu_1kUfDAQYfFSKeMREvOLCvpy3X-NVjkAW2KFqAfwtnAzEY4W32mq9iMro7Si9TDo_cvAbhlxBRIrlYKpNGo7SvxN8syTZuSgsyuqXhcRuFv9HD4AFsVGX1ZqZnLyn0SFiVuvyCUo48j2DvcT98i1tM1wZlJgaj0Tk7i3wUpV7Bva8qlk-UKnfMHqYsJ3uoql6BWeYTG_b6EXPFYWNMRjqC1OOEf4UEJg2c-7v-anu964SgMK-iPHVURhOCRhIiNilFEA6RJ7XoeJFKUQspEqSyOvPM53jpDBzNWcD4ZCHyGpnPnBzukRWvAiuSyldwcrYYySHt3QwsJGOE9xVbFF-3Ak9EDwhBpILXJOukYVVyvDNcJde0AsBlGx45xgSSSfKtIKwtjinLI0OcRVFu8eqVOeBa8QKf36olxfAUg_mETCJ74RhOtAUz9lZ_WDgEmnfZWaWB-KXA2mAkGL8Cpk8gOgeucHTX9HUZNBvxpHnwo6rMOfJiaH9yqFQojVC6vfQXQwGwcbvPn2JnKFONC-KcXgN4Bk_XN8h48BjfJPhpuqZ0p6e62dE-tc-a_NYnHi1jHTIHQ8uGAaC5EpMjOsgR3awjFxZE98FrOkah8j-q5qmKatG7Qzu_5rQsW5JFV7-9W061YephRWdPMKi9NLEtuf-6Js-AWPcYnZcd9QkxBKJo0odx_zkWOjM8nvI_nmtrs0P74EUYraUDdfQyD6_Nc17F4qAISWL7eNeZJHBclQgn-KoUypjRtt3PLzS2JuUTkJT_w0zqX6TZ2L701XuSaD-xXvv2gIkwkKBlb5C6JhH0YGzDJLho7F_cK6tqbY2RGbHCV0Dqq4s3JPGFcFjzfwMv9DWhjNEe9P_Y_EWRDpJ3qJYlwnTOVFgfvn_h-WJRSqs3R7P1wiZIz264-_q_JtzvzPKXJxSMqjANHHkBaBhrbP3ahC869wfxhLRKEzVAn1ggifdGiwiQqhIMN9PXQRp_9WC87J-0lyPgTN2qabBSCxt8NIfglScCZ0JlTMqh43SRr2WEJLqmGNUhu9cjTrdsbbn7WvUeHepvgmdxahkgtm3YgSgMkpDQxTIZx0ZrHueUc9RNMdn9mN3Loas_IHyrl8LXoI-MjHtmpyJUCxg01IZQNkCt-fSC4c2IzjtY5PsLVS0H_j_tOfZ3klr6MZePC0rlMs_Bws7RmBN3WJuqyQAqzG3971QJyRr_-&cid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3190487097&sdk_apis=2%2C8&sid=DB8DFC27-23B1-4703-B47F-C995B5EF1D23&eid=44730464%2C44737473&url=https%3A%2F%2Fwww.soo-healthy.com%2F3559&dt=1626609028064&ged=ve4_td1_tt0_pd1_la1000_er1028.1302.1184.1590_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f155.1e100.net

Software

cafe /

Resource Hash

59c846dc217e3c4aed19faf0f7fdffa70a4675840311a23c6823065e4f357bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13348
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D392 25 KB
13 KB 131ms
73ms XHR
text/xml 64.233.184.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BaGGYfGDSaPGESZY5JBxY8TsH_Osbm6e0oG9w4YldYvNu1TG4dQG4GE4RWIyug2BlM8W-BTYvkswIS9WQ2e8QOvj52zQ&dbm_d=AKAmf-CoiCQPfyZNrMWOJwGuXeq-iD4jPXSF-K2Wa3hMLseXcngkAoudsenZS_4Kc64hBF6IejtgazAunAdBVy03sU-HOpZx3TmajEfRWB8dU6NXCouWpzXl7dF73-jPmjrE6K4MFdhn9mfyN5aBc8vhQMvQ_lUk64O-bO0hruXuamYqBsuqV1rEtTUwfU2Y5T4J9VVJUuLsSNlzzY6N43B4oXB2JuKwlBc7wVvUgE5mV2jhpHl-WqVLAzTMZq-D-DEAVLF9I0yDCZsMdoS-reRDYeJ6QWYWGoMzcgBnC72wpKa7LXMX0Fes-pSROhJQOLa5-uRQIGxsxO45bPsbbX3jGdnN4CpGfJrL1qHsIgXhEmbkXXzEjMh-vSinIzCkml-8KI0mLI6NvLog41XYeL9LyYr14xnMwQi0F4GPmMFx6ZVSOjNv1kyL9dSC6qTBM0slw_mIQ1Mv6QVdrIc7elvTFsMBKr3ywYkiAL6B7aNj3LVaHPvutA0SfhfB1P_5xP7u-gO7UzSPllog5ZzBwcJabwTVsEuIW2OC4onvKVlCPFTZxIL3mWdVEp8arKOJETUiLzXwk0vHQR4WEOzN0az97hDm8RHuEGPslNV4nGwLPFlqSxMnvhIpCi_g1TK1HZ4ccNlxNc-ZjKBrTya5qt_U9OODYwJBucUefzweJyQopFiCGLL-ZkAPfQ8YZqwb9NsxDpWyujgfCvGWrqjlkM_rUgLoF1itLECyX3D3nCCzdEu04Zvzc84hpmAUSFmoZcUikDM2EwXcNZLstX44FQpi1RrZvdiJiGRnqvOBS-8nRFXiuhtJt25nZ3V4oGUdbFGFjvQ0d52h03kPvUCrpn9woZ6jSY9AHPBTXu1Cs3IsKSBkGr5Rgiq3M14g-7pC5EMoGKzUSObMmmdup0zM5rVHWUPMk1PHJOQjknOD8dbpncbbzH4NN3pow5SiRmQ0qIKQz3xMCGi-8Sm7KqV7fWzEG4vQZKQcg9FSi_0ffp8aNaodUoDKhvsv6KZxLwyJfN2W_elJmKrejozS4XkS2B1oRmI_7iyG232-n6jPAPGB2y24LyE1PNEe0Nd5sYRCO0YvnSzg7_DSA06sJPmXzXJ0FDNV0JdwXO8gf5TQjRRSUhQgxRpZPVV-vSOs3NK_nuCnM3OjuzGhbSdA7C4Haav56Ux_8xuWA2KnI-Rw1kS61Hm9_4RtijOJ8jiRmrCSiKSOGVq3rbR2k5ygJHoKf9K3XCJ9RPgmjTUSWwxGWalYHikgpqX2Ed_AYDMDFF4T6uhJoRIRxlejAbOqho2DbNAzDxuFcmn_BaOdHoMNM1Kyhpu4V8EE7aRSX4zGeBzTe4VvbfuhtPfsLkK_TxWkX83iVVZoao-6Q3OH32rrgN1LJUVJRprWectvo_Q6zj_TYl20y5LShHL8g_zUSeTNY_FzmGiy_UJHmXb5kkunQM6IPatFf9yGZM2SS1JvwCsV_emIqukoPDeF2W94iUM-u_YLIeuGQbc8u-cPjHl4RroQ2ARBbw36K1ZeR7ExrCWiSMSL0uVYJwcoR19S1xrbRz6ipJx2t_cWryx4tHuFLAFOX9VpBh8viTabPsqoTKXqOXqg5Y5ZsQljE__LhpZNy3yugFFQ1NjZrqZQcEpdM4Kl2xP6nAxWhHKGJQ6mijdamz8Dcnv1xwk-5i05D2xLEH6Q3-T8dmk8ntpdw3jVkasaqKXVjrcOua5eYEqn0mP6d8zAOKmWImrGgsFVXe7QbWNXIrtsWQ1F44V-ffNWIkz9UGvMRmADbp0Cz7TlCpPPNfY0iQp3sbd13yhrQdcV-5tsJhCiHGcEvSxJ0ZLzGYakXEssqlgiakBKClBMF7yzkxHjPZqNQZf50c86-1EzSYwQxbITZifJduCDPOhjLCf4kenck0RLK3nHdYk165-JAxsDkbOv7i3InvEguTxIYpVHMLX5N-8l2_DxcuXF8FkSV4b5dIsH_2NR39BfEypSd9NJikX_LCtN-45cC641MQmUytnwBtppWI0J7RDSmDzZwl9jOPZfcP43rxbzFI-u45_Wovae9TdhwARWYgwOx4booLSjNlKx78CqjGhUV7X5jKO5YTnBpAwGxpb9fkLZ-bJadGx-dx5eFboW4c6wGZEBGJ79kwP9nFdHKD3i5iulpcHgA9fuS0w4aANHv9wGfx0YV6G7JVRWviHfgqM6OBpRagwxcppj3JG2JdD3oqNjZtzZKmF2XjyTV-UNzdFJsiUaKJRoS1KBvMbhRH6cIivR4WDBeh4tWgpDxNJuG6DsM-F0KP_QJcu18fO4vlZKMjYaxUNQeTxnCuRbDlVD3jju-4y7_X8XBjVaj2X_7GNxlWMraiFL8wtmSn9NkCAmdDTyTCdNI8agULGG6yWZQjeJETJjUAuNiSubKcv_kY2wjcrxL1NuOZbpOSvrz5rSQRct7z-ujm_8QZbnb_ekI8Sn-eWe1QmKPL8xLJLFqg1Gz8-jgscZpviSE_kVnIZz634J2jZIATwIo48jYktE3zXWyeHTygeOXMTEKaUuaKbPP3vY9_nZSQf2uwjS3oQAbCg60u-8prNLHRScAXHcf5mentPhIlGm1JnKf8h-VqYNniechZosnJEVbr5HIvSiR1QvjDDlvTv4r61Xp_OFGYZhUW66YqNcW4hJiBlrqAmFhROCeJKPBWFOEAdnxKK8OLkwjUy3lsjqKBRUFYe9lAKWER-LE9ANzfFewlxQHFyhqzyFzjzqz5iVpeDKu9RYXiY5lJn0hznQQXs5jwz5KsOs3ntbt9BYFVYfx7clCNOn4DD9fVvqOFORglvSQ8uSmj7_9GpfvTvRj_x4vCB1e1GhioVo-GRZSyIY37Aw1efAypEvdV3T-UMXoDcjv2T5Wb7p5SORHLjyX-TMiQ2GG8mDdFeGm-PD-onHNm1tBOe6ErFsKnRITnVde4BGZuyazyLFtKMC44pRGgRgiMye8u5kVkPEP7mPengS_y_3AIAqDMTZTELwT_bru-Dv75VVTw3lrEQKYCh4ETtByw4WEiuqJ9uy1K5i8tYAWGn8GjpIGgQs0rxpQpEtfo_xaOQPBiuvN5H3X5NmoOyp-dQwSbavl8qIMWDkTlU8wVDCgXkpTTIhemggJNodV9MvI-1ww46cmAO4uXWAjoe41Qfx0WJdMig0sB0Ckg&cid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=568445600&sdk_apis=2%2C8&sid=F9A8A4B7-5D37-4451-A555-2EF4B7AFDB79&eid=44736285&url=https%3A%2F%2Fwww.soo-healthy.com%2F3559&dt=1626609028103&ged=ve4_td1_tt0_pd1_la1000_er1028.1302.1184.1590_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f155.1e100.net

Software

cafe /

Resource Hash

617d577ec6c757c45f60452ccb6838755b75cd4fb9fabc2e3ddf6385d8e8f08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13187
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5109 43 B
88 B 34ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5109
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711895052350190188

43 B
1 KB

61ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711895052350190188
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9eaf08af-1997-41de-b424-5087f5885cd1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711895052350190188
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5109
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACaUU7B6CsAAEBR_P1fJg&expiration=1627818628

43 B
1 KB

80ms
62ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACaUU7B6CsAAEBR_P1fJg&expiration=1627818628
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACaUU7B6CsAAEBR_P1fJg&expiration=1627818628
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5109
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0d8260f4-1584-4800-827a-81bb28204464

43 B
1 KB

117ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0d8260f4-1584-4800-827a-81bb28204464
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

Date: Sun, 18 Jul 2021 11:53:16 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0d8260f4-1584-4800-827a-81bb28204464
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 18 Jul 2021 11:53:15 GMT

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 5109
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711895052350190188

43 B
1 KB

1184ms
54ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711895052350190188
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:29 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c6c6a7d1-12ea-4b93-a2fb-61540a35abd0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711895052350190188
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5109
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB

43 B
88 B

35ms
34ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YPQVgz6iqO69Kz0OboDlFwAABHMAAAAB
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5109
Redirect Chain

https://d.adroll.com/cm/index/ssp
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1 KB

63ms
62ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Sun, 18 Jul 2021 11:50:28 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5109 43 B
424 B 56ms
55ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YPQVgz6iqO69Kz0OboDlFwAA%261139
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=386
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:56:54 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame AC1D
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

123ms
123ms

Document
text/html

54.204.142.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.soo-healthy.com/3559&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-142-198.compute-1.amazonaws.com
Software: /
Resource Hash: 3afc8b0921603b7d5c5164f2994c6918b189a3ff95a0d3819fa0d1284af0fd82

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=58fd861b-279a-4234-aa82-e412d4710c53
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Sun, 18 Jul 2021 11:50:29 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sun, 18 Jul 2021 11:50:29 GMT
pragma: no-cache

Redirect headers

date: Sun, 18 Jul 2021 11:50:29 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=58fd861b-279a-4234-aa82-e412d4710c53; Path=/; Domain=eqads.com; Expires=Mon, 18 Oct 2021 11:50:29 GMT; Secure; SameSite=None

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXTTZMV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3569
date: Sun, 18 Jul 2021 10:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Sun, 18 Jul 2021 12:50:59 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 6 KB
7 KB 1118ms
32ms Script
application/javascript 184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXTTZMV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9bb46dbf7fdadc1a69827398f101c6bb10c30350373d5b04231d6b51323aca03

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:29 GMT
Last-Modified: Mon, 05 Jul 2021 14:11:34 GMT
Server: AmazonS3
x-amz-request-id: 8K0APKNJK5X8YV6G
ETag: "7918094c80a96d5722a588024f4cf5d3"
Content-Type: application/javascript
Cache-Control: max-age=387
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6411
x-amz-id-2: 6KF19P+Puvl44LPeSVfLk0CcC2er9ZlV6iyychScF3yVW4OPmPg3ENTh7SNi0cWzpc85t2gOmvY=

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 1169ms
49ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Sun, 18 Jul 2021 12:10:29 GMT

GET
H2 200 socialpic.js Show response
paylo.leavy.me/socialpic/ 7 KB
4 KB 88ms
68ms Script
application/javascript 2606:4700:3030::ac43:9b2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylo.leavy.me/socialpic/socialpic.js?v=1
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9b2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b42bff3b321809e6686c19f1b3425a17e5ca3febce5f6f1828ec410b131494

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2962
cf-polished: origSize=8067
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Nov 2020 10:03:27 GMT
server: cloudflare
etag: W/"5faa656f-1f83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BKw847RLLtMMHehfm06hEf3TPpi117XmQi9jpe0ThzZILzuyvPk1Zy59Yahx7zyXyfRc0LTu8YTuHXhn7EHsjbPlZjgRb3%2FGESzRHbKph6XCYOEWLQ%2ByMg3NXYwI2IOWNO1ZXI0Ev5n217IZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 670b7e19eb53d6e9-FRA
cf-bgj: minify

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1147102/ 74 KB
25 KB 1108ms
29ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1147102/tfa.js
Requested by: Host: www.soo-healthy.com
URL: https://www.soo-healthy.com/3559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a26bd80eda3cc203100eba680beaf03ba6ecb93ae9297c4a4a9eb47a8ea624

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MyFLWTFErMSsi5Fv6TN2XMeqPBm.CIiq
content-encoding: gzip
etag: "81322fe6a92169954452fa576430ae1e"
age: 105
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 24687
x-amz-id-2: HsgoBRj1kWnMHzH4Im5BhiInzW6gfXQnnh1FNNXzB2CD1b1GH2GMmEQ83da6OUXylR9uukTQVR8=
x-served-by: cache-fra19161-FRA
last-modified: Wed, 14 Jul 2021 09:34:29 GMT
server: AmazonS3
x-timer: S1626609029.207930,VS0,VE1
date: Sun, 18 Jul 2021 11:50:29 GMT
vary: Accept-Encoding
x-amz-request-id: Y4FVJ0NW4ZT7CWAP
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 82
x-cache-hits: 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-91029714-5&cid=1396118147.1626609028&jid=756152965&gjid=763265671&_gid=1229386479.1626609028&_u=YGBAgEABAAAAAE~&z=1625825728

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 18 Jul 2021 11:50:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.soo-healthy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
13ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=1139973002&t=pageview&_s=1&dl=https%3A%2F%2Fwww.soo-healthy.com%2F3559&ul=en-us&de=UTF-8&dt=Astuces%20de%20cuisine%20qui%20rendront%20les%20repas%20beaucoup%20plus%20faciles%20%C3%A0%20g%C3%A9rer%20-%20soohealthy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=756152965&gjid=763265671&cid=1396118147.1626609028&tid=UA-91029714-5&_gid=1229386479.1626609028&gtm=2wg7e0KXTTZMV&z=1615272873

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jul 2021 13:54:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78954
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5ADC 0
735 B 85ms
83ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fdd01c42-1bdf-4b95-9878-c76fe3643bc6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
254 B 18ms
15ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-91029714-5&cid=1396118147.1626609028&jid=756152965&_u=YGBAgEABAAAAAE~&z=878676467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 38ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-91029714-5&cid=1396118147.1626609028&jid=756152965&_u=YGBAgEABAAAAAE~&z=878676467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 socialpic.css
paylo.leavy.me/socialpic/ 1 KB
1 KB 24ms
12ms Stylesheet
text/css 2606:4700:3030::ac43:9b2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylo.leavy.me/socialpic/socialpic.css
Requested by: Host: paylo.leavy.me
URL: https://paylo.leavy.me/socialpic/socialpic.js?v=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9b2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f25db6ede65cadd32934c1b14d6e0d14fd7de517feab50cbda4c403154eed0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2956
cf-polished: origSize=1449
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 00:42:55 GMT
server: cloudflare
etag: W/"5f66a58f-5a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkKXRNgn%2Fp5hA6vV5U5TACfbK6%2FHMxHNLNMlYApE5ulgUefNWtrK0o4M8Htoe4PXo6wWciNjgFJ815UBPZ9S0NXE%2Bdm%2B3BtcquY4mbXSpl4jpMs40EB6yP4sLFhy7W%2BOo30dRFvl%2FmD6NJUE5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 670b7e1a6ed04e9e-FRA
cf-bgj: minify

GET
H3-29 200 socialpic.css
paylo.leavy.me/socialpic/ 1 KB
1004 B 17ms
17ms Stylesheet
text/css 2606:4700:3030::ac43:9b2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylo.leavy.me/socialpic/socialpic.css
Requested by: Host: paylo.leavy.me
URL: https://paylo.leavy.me/socialpic/socialpic.js?v=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:9b2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f25db6ede65cadd32934c1b14d6e0d14fd7de517feab50cbda4c403154eed0

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2956
cf-polished: origSize=1449
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 20 Sep 2020 00:42:55 GMT
server: cloudflare
etag: W/"5f66a58f-5a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91bjIzDVZ%2FmATbn7M%2BbcLEWEP1PpSBPxNIABxaLCM6MJSGW0f2ED%2FcXDapgdgPzP5K0YfMpm1srJ945SO1OY%2Bkogu1mi8QTyPmAbpJ7Bsilf5mAhBIXx%2FGnKT0lun044UD7LwC035zUsc5BrXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 670b7e1a7f154e9e-FRA
cf-bgj: minify

POST
H2 204 csi
csi.gstatic.com/ Frame D392 0
348 B 47ms
27ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kr950mfx&c=5930837046708&slotId=2965418523354&qqid=CO2wq-rG7PECFaKAdwod6rIDdA&gqid=gxX0YJCqMZD-3wO9qpTQCA&fb=ima_html5-lima&sdkv=h.3.471.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44736285&vmfc=9&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
557 B 37ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame D392 0
0 40ms
39ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cd5wSgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTqAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JKYhLGVs8b-vIUbCUxYseUI-Utp_wxHjJ9PMFq8AEu6OZ9-QD4AQDiAWK2NmyM5IFBggDEAEYAZIFBggbEAIYAZIFCwgiEAUYCkjEvo8BkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcLEKzJzwEY_5mHrwHSCAcIiGEQARgdgAoDyAsBsBPB_P8LyBO2ptHdA9ATANgTCogUAtgUAdAVAYAXAbIXGgoYCAASFHB1Yi0zNTY1Mzg1NDgzNzYxNjgx&sigh=dWE1WunC6HE&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&cid=CAQSPwCNIrLM-8yCR45M_hmp3fb_DAck0yBHiyXxJToHGZ8vOAxZ06YUiie3DoAlB0vBHnTtWwTHs1z0XrFKymMGqQ&vt=10&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVIzCOEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame FFBC 0
54 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kr950mbi&c=5930837046708&slotId=2965418523354&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

52
r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,i...

877 KB
877 KB

89ms
61ms

Media
video/mp4

2a00:1450:4001:5b::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4997C61539BF5D94D0E20B5EA7AA5AAC3BAFED3F.2085D92128FAFC07C477E91A967A6779AA25615F/key/cms1/cms_redirect/yes/mh/UB/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednls/ms/onc/mt/1626608668/mv/m/mvi/6/pl/52?cpn=DwAGfUL-LpB2fVPl&file=file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5b::c Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b8b062d287ecaea26f85160da5f8a8b9e05c227a34078140d193a4ee4142edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 12:22:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-897722/897723
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 897723
Expires: Sun, 18 Jul 2021 11:50:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4997C61539BF5D94D0E20B5EA7AA5AAC3BAFED3F.2085D92128FAFC07C477E91A967A6779AA25615F/key/cms1/cms_redirect/yes/mh/UB/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednls/ms/onc/mt/1626608668/mv/m/mvi/6/pl/52?cpn=DwAGfUL-LpB2fVPl&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame C9FE 43 B
344 B 65ms
64ms Image
image/gif 52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=266c78837ec011d0eee18554&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C9FE
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=266c78837ec011d0eee18554/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=5001&3pid=44c313d6e9e0835a0bddbf26c4ba239&gdpr=0&gdpr_consent=

43 B
853 B

391ms
42ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=44c313d6e9e0835a0bddbf26c4ba239&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=44c313d6e9e0835a0bddbf26c4ba239&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.45.11.222
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C9FE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=266c78837ec011d0eee18554&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=3&3pid=0d8260f4-1584-4800-827a-81bb28204464&gdpr=0&gdpr_consent=

43 B
855 B

376ms
44ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=0d8260f4-1584-4800-827a-81bb28204464&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Sun, 18 Jul 2021 11:53:16 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ce.lijit.com/merge?pid=3&3pid=0d8260f4-1584-4800-827a-81bb28204464&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 18 Jul 2021 11:53:15 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C9FE
Redirect Chain

https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=90&3pid=c0a8f905-125b-4774-9d3b-7f3e43c691ee&gdpr=0&gdpr_consent=

43 B
1 KB

45ms
45ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=90&3pid=c0a8f905-125b-4774-9d3b-7f3e43c691ee&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:29 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:29 GMT
server: nginx/1.12.1
location: https://ce.lijit.com/merge?pid=90&3pid=c0a8f905-125b-4774-9d3b-7f3e43c691ee&gdpr=0&gdpr_consent=
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C9FE
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dce6bc3...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
https://ce.lijit.com/merge?pid=16&3pid=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&gdpr=0&gdpr_consent=

43 B
1 KB

44ms
44ms

Image
image/gif

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:30 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=16&3pid=ce6bc3c5-7f96-401b-aeb1-a0b64fd68a25-60f41585-4348&gdpr=0&gdpr_consent=
date: Sun, 18 Jul 2021 11:50:30 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C9FE
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjY2Yzc4ODM3ZWMwMTFkMGVlZTE4NTU0&gdpr=0

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjY2Yzc4ODM3ZWMwMTFkMGVlZTE4NTU0&gdpr=0

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 18 Jul 2021 11:50:28 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjY2Yzc4ODM3ZWMwMTFkMGVlZTE4NTU0&gdpr=0
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
64 B 67ms
53ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D392 41 KB
15 KB 67ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 13:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 13:30:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 0
20 B 93ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D392 0
592 B 133ms
42ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubU_5YVLWFy8STDY0hiox0_mB9bdvgn0OA7SFTjdnUxl7xFbo_Eo05Mych1Zjot6ziqOx2BNCK_ZrlVPo3-z0zTqQfqJz6AtADHlWjDd6USQkSXkVov0CQ-9Q2pv2spNYR7pXyaWp7a-OTpJRriVsvEBURt9qODyBhTMSQyGqvYRYaNY45sHa61Wo8e8ZuuVmKFtD9RP-eNGiG6MvZD5vLkGKAjf1ee3gwjA4UlsoR6pXwpvKKZZ7vNVpji-wUlRVnlIYn1Sk1IS0rnqUL-NCyw2-feeq6aV7b8BCOL5yOUWQoKHN7GoagSpuTI01Iie8hTNNwH8IMzE77pXVCBn-5hmqFnOWbwcgNop-8-6YvH3qX72EYTVs8RIY18BUzqOre26tEHx9MNeuQ2cWUQhTWpPTsucUku5ekCiTQSuKoMjWSGJt0epEqP0Ee3ZqR6oPyZX-bMSUYWg7JOvZt_HAjP-c7990n4XW0oJfM8-RKZVgJEYdnwaO0_1r0fe6ss4lwV5cgVh0GC67PMntzoLR611TAtJVtMVtpePATC8irh6Nr--o-Eod6GCbKDQJ4zLGFLKdCa1PUE4FR2VrNzoVC93ASU4qzyNK-ht-S2_gMxcAjfeeUE1T5xmL_TE0Cwb947B222CmtuvJtRIjH0CAdc_n6EPHIJJXsXZM4k3GSpv-tO1TNFvrKsy90WgbuAxaIxmXXrrt1uA5KLq7fKUTDh8JHsJ8z-p51-MLmC9_KYppvLFVH_2sYqRqEVb2kDbgUZQDs1qc8HQy541XRossVl_dGNsE_vSJYlDtPnU_ak8IUcS83KzXqn19ICtwNEQHcVK2a9qtq0NZLFHOcuBIQaaEl7wHBeVIWb1UZeZJ9Frisha-35kAcDvIGKS8o3sV6Au1AgdExXzN06OFqukDP6aQfbbqW1yzXc6HgdT8C0v-fboeeQqaqYIEzvVNBTV1ZEF_OQZCe2X-UGTUsVRK7jAxG2Kar3dFy00_TNIZsEfMBAzq3-UOtnQ1f7zIP9rg9zUEmKCDZXEdcfChjfrQ7sD441DzuXuuLyduchQrjqeE18dmXeo1w3Q_m4oDV_EzxJCN6krlKXRmDpVUfgIkLZrCaVZtgjF1eiL6VzZcU8VAyCaRdZyVoJMH9Ip0ILx7rfNwStc8kFYNMJVulGj1axQgSxySGIIbIq9JHAwVj&sai=AMfl-YRYJwJTxs_6YeMeAt8zlr8ehQDmV6l7rk1sazz09oCaltGnP3WKCzNVuVcDxzWsdorlIVNd-UnNVqysMmTANa_gYyFMGiYpW539RbFiOjX2nqY1Vqo1d4a95wl89rFzhy7L7tjGSsc8QnZGTy6uSf3a-fl_jtRmHp-EBT8&sig=Cg0ArKJSzO23Px922MfcEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.471.1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 18 Jul 2021 11:50:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame D392 0
0 53ms
49ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUsAIQofGq-QEY_5mHrwEgATAB&v=APEucNXYIAps6jLgCoQ5XTLgkDwLbvpBqHrDX1L2GUFak7eFJcbI0iVwfflqnxgJXFNK69AG5sp6TLEWlazmbmZptQT4MTuQHA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
64 B 53ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=vast_creativeview&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609028475%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%...
ade.googlesyndication.com/ddm/activity/ Frame D392 42 B
107 B 186ms
68ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D392 42 B
64 B 95ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHjSNB-0tHnm5Zwmk5fG-7qojqbMbg1-K71DSBnMuQwbuSBVbvIiLDpHKGfDM13Z4tfz7abxFm1Al3oitS4rE3T8Fnu2KZ2aPTpZwWiUZI6UQKVhWv_YWWEtM&sai=AMfl-YQgHuQ01216Cj6xRg9SIHHY41GdUV0OUAlrzvCwi14WTVSg3hVHK2j4LDo4NLMhDzrRleS4YIfJeSPxFc68khJnaFMQMA-8_wc8QDWLyosdstDdR-Pox0vBK4t8VoGQ&sig=Cg0ArKJSzKloHCeSkbLEEAE&cid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609028477%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%...
ade.googlesyndication.com/ddm/activity/ Frame D392 42 B
515 B 184ms
66ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609028479%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321;dc_rfl=1,https%253A%252F%252Fwww.soo-healthy.com%252F3559%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
64 B 52ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=part2viewed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609028479%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D14,0,0,0,0%26mtos%3D14,14,14,14,14%26amtos%3D0,0,0,0,0%26mcvt%3D14%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D14%26dfvs%3D14%26dvpt%3D14%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609028483%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
64 B 67ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=admute&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D14,0,0,0,0%26mtos%3D14,14,14,14,14%26amtos%3D0,0,0,0,0%26mcvt%3D14%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D14%26dfvs%3D14%26dvpt%3D14%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609028483%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,14&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init-1118laf8ur58pv1xytjm.js Show response
api.fouanalytics.com/api/ 0
609 B 246ms
177ms Script
text/javascript 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1118laf8ur58pv1xytjm.js?di=www.soo-healthy.com&ui=1626609026957-975664409562-008546-009-008286&md=2&ap=&sr=aniview.com&pp=602bf4005a444e531c1b7814&ti=af356164360fe5cb1428c17490090e41_1723156107_1189362&de=2&si=602bf4005a444e531c1b7814&dm=640x360&pi=609114a546161a4cad024775&bt=programmatic&gt=CH&ac=608ae844bab356187b597498&pc=&cr=&c1=59c9148628a0612da3689288&c2=608ae844bab356187b597498&c3=602bf4005a444e531c1b7814&c4=608ae873e143d0187c6b0595&c5=608ae844bab356187b597498&c6=602bf4005a444e531c1b7814&c7=6061ef6e7591bb462e199484&c8=5fa3d9b907303868f21987a3&c9=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXxLOjHDavtRevFIv7HWpGKsYwigWsHUFypF0LwxA782J5Q9%2Bb5QKLkE%2Fwpt2m9vDc94CTSgzLrvbZ0WhQQvw%2FRkhmgvx75hV%2FUJQ6SSiliHDrMpbPYl8kUxG%2B2AuYDG7Sc33jfKrjs%2B5Re6nn055R5zxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 670b7e1c78414a68-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: -1

GET
H2 200 track
track1.aniview.com/ 0
70 B 129ms
123ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=impression&cb=1626609027043&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 127ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=start&d1=vpaid&fv=3&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1848 23 KB
9 KB 21ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 13 Jul 2021 13:30:43 GMT
expires: Wed, 13 Jul 2022 13:30:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 425985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 _htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1848 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 21:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13252
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Jul 2022 21:05:07 GMT

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1848 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.471.1&bgai=Bptt8hBX0YN6LC_KD9fgPiv-fsA8AAAAAOAHgBAI&bg=!39yl3JjNAAZjFomlYxY7ACkAdvg8WlLInVB9wCGHwwnQMJ1KzdGsWtjgrc92cvaYnzoT279cW9CY1wIAAABtUgAAAA1oAQcKAPQ1xeOi2D_uxUPERN9XeXlktpokPSBOdvJ39Vk442vxSclk3dQ16Ze0todOXGsk3KLc0I432vf-OruxaIWgQII_SP21tlFu4QjWk_OFlcz8m5YMD5QseXMoCjAUShJ7T2mqQzxTgoXINV5IhGzjz58h900gx1fMjMwv1v1AFH99Qks9PNcV7wdUePsblqWSfYT1CD6dpmpVmha7f_SyYW7xfbRciYzYIi16WZLL0kzl4AE7lyBO9uBm21DGewc4B6oiVDtbJmpZnBjL3oCL-BRX22ggIcH-0ufKqrR2N7n1MT1--rb86XHc2VAp7ctrWlE45jHcmQKRIX7kB5AsR9VnSRlZK5w86RONG1K0VJAdHpxIfX7Fe2IyHSpQAZ4mFXFR_hjIK-yemccrV1V7UaNNQ4vZybONXMQXf-vCMwyGorf8pv47WEQCD1fl5cMxkyc7lhV1gL5AILdwdDAs0Y7g_lxJPn3YjXmSoKrdYreX9NjJiQXfhEijrKj0UObWlzVPE4w6Dt2Em3Yoy_HsONKBD9Mbje5Z0o1d57cvDvXxWjxSVodVIgc0NNSgrtPJZPzxwJhQ_CKfcdiJQzknZ4k-4Vx2GqAg04eTRLYAVYqYeWpr_c3vyK9DXFuQ0-FWuF_ZPaWsCKr0f2bAsKJCZPmMvfA8JpOiM7TyNxBjq8RPKw001YysF4q5R0iWBpCJzSC1fW4jhw8ZVtz9h10pn3aQehYmgApn0hoo3yAGXMtcLU8Nk2KCbNmN9ftYtqP8aSM0YA1P-16BGEB0bKpAZkZw9dxfS9IgzdizyT0iK6cpsg5949RS06pxKresWMn4UQ-jqvRLxPjgqEFodNGmBea1RmLXxCpcSsU94TZSiacPwHnB7hCQvWlrPSWays66_F_U5DPkhR7BemZtL7Br-jpjEbbCbtUz1PvdKlFF8QlBbBxyQ_fG8udXoqAbZoVzvUVU9uIjZeeFyUbwUjBFfHIdzqqxvx45XWnma8mfIpysU1lvES74d8zaUKyDcJ7TbJXLmk9wfOJxsueYoLCQUxtvdgjkrrcULH6-xakvVH-9Pxr8vKoc5H7vO4zUt20P_4CAboJypbwyqC8p0T3VNOdyDmHcqh1k9a80KmoaZ2tFxqQ5aRoc4uZbjU3dZJgEnFg1o-ogGzRJMq5n8pHqveGmQhEm3tU1IaK6ffgYao0hzfRsUTcm8Hrq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame D392 0
17 B 40ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kr950mur&c=5930837046708&slotId=2965418523354&qqid=CO2wq-rG7PECFaKAdwod6rIDdA&gqid=gxX0YJCqMZD-3wO9qpTQCA&fb=ima_html5-lima&sdkv=h.3.471.1&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5ADC 0
735 B 75ms
75ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:29 GMT
X-Proxy-Origin: 185.236.201.228; 185.236.201.228; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5bf37737-ca7a-4ac0-8146-a4c9d0b3a372
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 441ms
110ms Script
application/javascript 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00fc93621e9480dfc59d0967002975c667
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:29 GMT
content-encoding: gzip
X-TraceId: ac81376583d7282243de952e6af6d121
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 552ms
110ms Image
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00fc93621e9480dfc59d0967002975c667&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.soo-healthy.com%2F3559&optOut=false&bust=047342298196823696
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:29 GMT
Cache-Control: no-cache
X-TraceId: 86a27475cc9815ef32f28999dc1e2321
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 track
t.teads.tv/ 23 B
143 B 449ms
76ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&buyer_pixel_id=2275&referer=https%3A%2F%2Fwww.soo-healthy.com%2F3559
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:29 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame AC1D 43 B
1 KB 62ms
61ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=58fd861b-279a-4234-aa82-e412d4710c53&expiration=1634557829
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Jul 2021 11:50:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 18 Jul 2021 11:50:29 GMT

GET
H3-29 200 dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%...
ade.googlesyndication.com/ddm/activity/ Frame D392 42 B
63 B 103ms
66ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D1746,0,0,0,0%26mtos%3D1746,1746,1746,1746,1746%26amtos%3D0,0,0,0,0%26mcvt%3D1746%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1746%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D429%26pst%3D424%26dur%3D6016%26vmtime%3D1682%26dvs%3D1732%26dfvs%3D1732%26dvpt%3D1732%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1746,1746,1746,1746,1746%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609030215%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1746;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321;ecn1=1;etm1=0;eid1=960584;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=videoplaytime25&ad_mt=1682&acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D1746,0,0,0,0%26mtos%3D1746,1746,1746,1746,1746%26amtos%3D0,0,0,0,0%26mcvt%3D1746%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1746%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D429%26pst%3D424%26dur%3D6016%26vmtime%3D1682%26dvs%3D1732%26dfvs%3D1732%26dvpt%3D1732%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1746,1746,1746,1746,1746%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609030215%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1746&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=firstQuartile&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D2147,0,0,0,0%26mtos%3D2147,2147,2147,2147,2147%26amtos%3D0,0,0,0,0%26mcvt%3D2147%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2147%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D629%26pst%3D424%26dur%3D6016%26vmtime%3D1932%26dtos%3D2147%26dtoss%3D1%26dvs%3D401%26dfvs%3D401%26dvpt%3D401%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609030616%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2147;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321;ecn1=1;etm1=0;eid1=200000;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D392 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHjSNB-0tHnm5Zwmk5fG-7qojqbMbg1-K71DSBnMuQwbuSBVbvIiLDpHKGfDM13Z4tfz7abxFm1Al3oitS4rE3T8Fnu2KZ2aPTpZwWiUZI6UQKVhWv_YWWEtM&sai=AMfl-YQgHuQ01216Cj6xRg9SIHHY41GdUV0OUAlrzvCwi14WTVSg3hVHK2j4LDo4NLMhDzrRleS4YIfJeSPxFc68khJnaFMQMA-8_wc8QDWLyosdstDdR-Pox0vBK4t8VoGQ&sig=Cg0ArKJSzKloHCeSkbLEEAE&cid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D2147,0,0,0,0%26mtos%3D2147,2147,2147,2147,2147%26amtos%3D0,0,0,0,0%26mcvt%3D2147%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2147%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D629%26pst%3D424%26dur%3D6016%26vmtime%3D1932%26dtos%3D2147%26dtoss%3D1%26dvs%3D401%26dfvs%3D401%26dvpt%3D401%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609030616%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2147&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 108ms
108ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=timeSpent&env=js-web&buyer_pixel_id=2275&referer=https%3A%2F%2Fwww.soo-healthy.com%2F3559
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
123ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=sec3&vi=100&d1=vpaid&fv=3&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 365ms
124ms XHR
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Jul 2021 11:50:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D3246,0,0,0,0%26mtos%3D3246,3246,3246,3246,3246%26amtos%3D0,0,0,0,0%26mcvt%3D3246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D830%26pst%3D424%26dur%3D6016%26vmtime%3D3182%26dtos%3D1099%26dtoss%3D2%26dvs%3D1099%26dfvs%3D1099%26dvpt%3D1099%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1500,1500,1500,1500,1500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D17,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1626609031715%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3246;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321;ecn1=1;etm1=0;eid1=18;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
210 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=videoplaytime50&ad_mt=3182&acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D3246,0,0,0,0%26mtos%3D3246,3246,3246,3246,3246%26amtos%3D0,0,0,0,0%26mcvt%3D3246%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D830%26pst%3D424%26dur%3D6016%26vmtime%3D3182%26dtos%3D1099%26dtoss%3D2%26dvs%3D1099%26dfvs%3D1099%26dvpt%3D1099%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1500,1500,1500,1500,1500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D17,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1626609031715%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3246&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=midpoint&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D4748,0,0,0,0%26mtos%3D4748,4748,4748,4748,4748%26amtos%3D0,0,0,0,0%26mcvt%3D4748%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4748%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1230%26pst%3D424%26dur%3D6016%26vmtime%3D4682%26dtos%3D1502%26dtoss%3D3%26dvs%3D1502%26dfvs%3D1502%26dvpt%3D1502%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D1626609033218%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4748;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321;ecn1=1;etm1=0;eid1=960585;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
66 B 20ms
18ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=videoplaytime75&ad_mt=4682&acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D4748,0,0,0,0%26mtos%3D4748,4748,4748,4748,4748%26amtos%3D0,0,0,0,0%26mcvt%3D4748%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4748%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1230%26pst%3D424%26dur%3D6016%26vmtime%3D4682%26dtos%3D1502%26dtoss%3D3%26dvs%3D1502%26dfvs%3D1502%26dvpt%3D1502%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D1626609033218%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4748&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=thirdQuartile&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 105ms
105ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=timeSpent&env=js-web&buyer_pixel_id=2275&referer=https%3A%2F%2Fwww.soo-healthy.com%2F3559
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:34 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3t3A6sbs8QIV8kEdCR2K_wf2EAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCO2wq-rG7PECFaKAdwod6rIDdA;dc_rmcid=CAASFeRoWrL1FGKV_FHA9udjIHjytxQSMA;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26p0%3D1028,1302,1190,1590%26p1%3D1028,1302,1190,1590%26p2%3D1028,1302,1190,1590%26p3%3D1028,1302,1190,1590%26tos%3D6085,0,0,0,0%26mtos%3D6085,6085,6085,6085,6085%26amtos%3D0,0,0,0,0%26mtos1%3D1746,0,0%26mtos2%3D1500,0,0%26mtos3%3D1502,0,0%26mcvt%3D6085%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6085%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1632%26pst%3D424%26dur%3D6016%26vmtime%3D6016%26dtos%3D1337%26dtoss%3D4%26dvs%3D1337%26dfvs%3D1337%26dvpt%3D1337%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1337,1337,1337,1337,1337%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D32,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483521%26psv%3D-2147483521%26psfv%3D-2147483521%26psa%3D0%26ptlt%3D1626609034554%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,6085%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02%26ss3%3D0.02;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321;ecn1=1;etm1=0;eid1=13;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D392 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cd1JGgxX0YK3jMqKB3gPq5Y6gB8PrsdFjyJLojbwOs-30_QgQASCcjMQjYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QaZG9xdBZ-7PNOldCHXJx8XKeyh8y_i2glmTtjD6e15R26_a_p-MWt5nUI_euphjDd-gEz_rIL8f4DXsvszSPurA87UtQ8jwOWv9jZoHGIGDW6E_4LhsMWpyBAu22Nd8JHFiZB6V6hqDWLAlVCY2feUL2icS2zY0snPvoRTxz3Bhsq07UKQhO0prfZkBq_jShllHx4mUevZYt3M2SKUNIeHAxtK_W7dhYTW3zf1OMG55xVMbn2tYQ_qd4cDd8kWB0lC_rcv-18yDcqP_JcYm5t8jGVHkDxCv4UhAq2SjjMjjrbrPSXhBAswHQrsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=XZpWyOn6RC8&label=videoplaytime100&ad_mt=6016&acvw=sv%3D900%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26p0%3D1028,1302,1190,1590%26p1%3D1028,1302,1190,1590%26p2%3D1028,1302,1190,1590%26p3%3D1028,1302,1190,1590%26tos%3D6085,0,0,0,0%26mtos%3D6085,6085,6085,6085,6085%26amtos%3D0,0,0,0,0%26mtos1%3D1746,0,0%26mtos2%3D1500,0,0%26mtos3%3D1502,0,0%26mcvt%3D6085%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6085%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1632%26pst%3D424%26dur%3D6016%26vmtime%3D6016%26dtos%3D1337%26dtoss%3D4%26dvs%3D1337%26dfvs%3D1337%26dvpt%3D1337%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1337,1337,1337,1337,1337%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D582%26femvt%3D0%26emc%3D32%26emuc%3D0%26emb%3D32,0,0,0,0%26avms%3Dexc%26qi%3D358582384%26psm%3D-2147483521%26psv%3D-2147483521%26psfv%3D-2147483521%26psa%3D0%26ptlt%3D1626609034554%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,6085%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609028321&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVAswIKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUCMAVI2COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUi7AVAAWhBEd0FHZlVMLUxwQjJmVlBsGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 127ms
126ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609114a546161a4cad024775&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.27327&imid=af356164360fe5cb1428c17490090e41_1723156107_2513533&e=complete&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027052
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 6229 0
54 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kr950mgw&c=5930837046708&slotId=2965418523354&qqid=CP73q-rG7PECFc6Qewod8TcEpA&gqid=gxX0YPLMMdPB-gb7vL7YBg&fb=ima_html5-lima&sdkv=h.3.471.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44730464%2C44737473&vmfc=9&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6229 0
0 46ms
45ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CFsDtgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTqAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxFZF0E71U4B5jMyPgRR9IiOQSnEMWEHJGFF-qSsAEu6OZ9-QD4AQDiAWK2NmyM5IFBggDEAEYAZIFBggbEAIYAZIFCwgiEAUYCkjEvo8BkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcLEPTqywEY_5mHrwHSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi0xNzE0OTUwNDI4MjE2Mjg5gAoDyAsBsBPB_P8LyBO2ptHdA9ATANgTCogUAtgUAdAVAYAXAbIXGgoYCAASFHB1Yi01NzE3MDkyNTMzOTEzNTE1&sigh=Sdvuj8jQam4&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&cid=CAQSPwCNIrLMPciE3rjdVsz0tBPTMby8olJHkiNN_E9Y_TAYs4sr2dFXIaNA_e8Ml5fh58ffGSrqC7TGQfdN3IvlHg&vt=10&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVIzCOEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTVAAWhBhRUg5RW5EbEFqWXdJMVFtGAE.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 204 csi
csi.gstatic.com/ Frame 6762 0
17 B 27ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kr950mck&c=5930837046708&slotId=2965418523354&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,i...

877 KB
877 KB

22ms
7ms

Media
video/mp4

2a00:1450:4001:5b::c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0857B2680F4605A18EBF782EB1E34207DFD5E983.0FA038021A90556CBD2D2081271282D3647FAA8E/key/cms1/cms_redirect/yes/mh/UB/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednls/ms/onc/mt/1626608668/mv/m/mvi/6/pl/52?cpn=aEH9EnDlAjYwI1Qm&file=file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5b::c Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b8b062d287ecaea26f85160da5f8a8b9e05c227a34078140d193a4ee4142edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 11:50:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 12:22:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-897722/897723
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 897723
Expires: Sun, 18 Jul 2021 11:50:34 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r6---sn-4g5ednls.c.2mdn.net/videoplayback/id/4133afe05682465d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764665338/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0857B2680F4605A18EBF782EB1E34207DFD5E983.0FA038021A90556CBD2D2081271282D3647FAA8E/key/cms1/cms_redirect/yes/mh/UB/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednls/ms/onc/mt/1626608668/mv/m/mvi/6/pl/52?cpn=aEH9EnDlAjYwI1Qm&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6229 41 KB
15 KB 10ms
4ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 13:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 13:30:43 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6229 0
234 B 45ms
38ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6229 0
61 B 51ms
44ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5c4hLjwmwY1S3ALNIburIf9oPo29SWr3RfZyU69SFr_YcN9hWgFMNyu16vzN_ygoCs-kv3XCOZgCv5RGqRqfJWECabw9mWn85_VvxishXarI0a_K-PCYsu3-Q3AYD4XRMNYUIuLOE8YyfzmeAh-tpyDk9-hKlgx722rOTWSQP7mpx_fcigm6hmX-sBc7Az4taxI_UijccJWEIp_gfkDNP_v4_8LzJ034ll50sexGBvMPLxwNtnAXZrMIRvZY38e0hFDE8st6xpmCs25Tz7quSwh-P12l7vhe8v63dhDFHETJi5RLVMcsLV52wzz4Cn5do3db7byWGreeMR0XRLMY6GNY8rArWtAEaP8vDh5FKIH2177Vqcevj78wcF2ZdgIk4_jt26aHT2mZLtWJd9V_A4nfZPRcXzY-gjGEdfqx16NIpcd6iCHznzzLwFxaMTd0zyugLa6rU8cW2K2JICRaW2_5R525KfCKIYfYwclfmBJjz5kkaaCQ68MgCG-TVJKoBs_TtckYwLlYj3r8rDYFXKcUBUbPTxaEZ94-woa_q4USbhPLjO01VXEofEHvmvDpeFhDsaGy7NFa3xAtaM0s7ArDqPinjguoIpvM5F_vCYYZnumDgq-RXzOLBWK9pZ7Pv350T4Y8YYOnlJ2a43U_1aeKMVWp3mGX7MH1y7FI8zZD80IEy0oUSViZmy2-B9P_OhSJubIfeXEBSqQlfAKDH7kyGSfiqb2lsyTqoqCDjvOmRBg38Iy3R0ff6LNIZS1h-Dz_xlvUMs-cxIZnsZNy9xisdL4VUp99vuMhQuaKJyKm3M4ZvCqctYpGDQgLuT8Cy8k_xLvsDXqY2P4IigRoG8SNcpwRuRx6-yqo846-f-NIOX2MRbP2xgVy4OXsXQzN3XbXf-shko9pAxp2hZUXIAtFCmNG4DrorSobK2lgChg5W74e6Y_ODrvv3TQQz0iNEIXGT0Xq9Ccj1gz2tiGUclHepDgrs2rbEZ2p7571SBYROAQHaAO0fSLr5q1M6eGz166-V0wscdj5B5RPNdwIQ8TTeHgh57hFBLGETxUodjfuemOQuwL3-tjy8yEjlZUgMtDw6pfkdJ3VNbe8b57ovRzOzVUm0ueKYAmrd1pMZTPAVGJpZrYYL2m8sTGCyDwhs1kQK9Ub2sHii2eSf7sKZly7DxYRhy0AwbaD35RWqWS8l1O8vrOY1UwTXo85-3j1LOhUEGiqKeMjt6e0AJkmIKBgnKnQ9mA&sai=AMfl-YT92m64e1BbkXqQbG61yuIcKAK9FKMrluosFJ_UqhROI2XpV5rhgp2_C2uhwO8XcGwnM8ueaaJibupcHPrlGXCePWqk29y2ZPTaj2nDNmeMC5oIQCbyWYfD6MPlBT5jCyVPMBkQlEGMIp-HtH4mnPsq-QTERafGCg6hBgI&sig=Cg0ArKJSzPKOKT59fvBgEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.471.1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 18 Jul 2021 11:50:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 6229 0
0 21ms
17ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvUsAIQofGq-QEY_5mHrwEgATAB&v=APEucNV_LSS8A2T0b3mfoc5V2FB1hQkqL99q0CHZ70flkMLGg95ZrwAIdZ6DoPNV6GMSCQBeoKwDurAu0DGScr1GlqB4MSR5mw
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 22ms
18ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=vast_creativeview&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609034699%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%...
ade.googlesyndication.com/ddm/activity/ Frame 6229 42 B
63 B 69ms
65ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6229 42 B
113 B 46ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI7VCB_xYTFAX9qzQTROoqKzHDkpH4Y0582avNe3J-lHjoOE0e62O3bQpp_qs2a-qIrGxFcuUckHt8n2x8DwJmJXnlL84r6FtDlusr1E_XsLILJbKcjvra9d4&sai=AMfl-YSdGvyRQytCz0Fg6HjAMyLOXAxUWa1VLHBOicReLN7iY1N6Z_NJTB5jZmexBlHlHzLzrPfKttRKC9nSrbrZpd_zrQ7ov0UT9CfcjGqz1C702or9cbAbWlQ33RhCtr69&sig=Cg0ArKJSzIQECkF-eCVvEAE&cid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609034702%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609034706%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624;dc_rfl=1,https%253A%252F%252Fwww.soo-healthy.com%252F3559%240;ecn1=1;etm1=0;eid1=11;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 22ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=part2viewed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609034706%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D16,0,0,0,0%26mtos%3D16,16,16,16,16%26amtos%3D0,0,0,0,0%26mcvt%3D16%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D16%26dfvs%3D16%26dvpt%3D16%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609034711%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,16;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624;ecn1=1;etm1=0;eid1=16;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 23ms
18ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=admute&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D16,0,0,0,0%26mtos%3D16,16,16,16,16%26amtos%3D0,0,0,0,0%26mcvt%3D16%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D6016%26vmtime%3D-1%26dvs%3D16%26dfvs%3D16%26dvpt%3D16%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1626609034711%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,16&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init-1118laf8ur58pv1xytjm.js Show response
api.fouanalytics.com/api/ 0
314 B 188ms
182ms Script
text/javascript 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1118laf8ur58pv1xytjm.js?di=www.soo-healthy.com&ui=1626609026957-975664409562-008546-009-008286&md=2&ap=&sr=aniview.com&pp=602bf4005a444e531c1b7814&ti=af356164360fe5cb1428c17490090e41_1723156107_1189363&de=2&si=602bf4005a444e531c1b7814&dm=640x360&pi=609b913fec6d95371b2d9ce9&bt=programmatic&gt=CH&ac=608ae844bab356187b597498&pc=&cr=&c1=59c9148628a0612da3689288&c2=608ae844bab356187b597498&c3=602bf4005a444e531c1b7814&c4=608ae873e143d0187c6b0595&c5=608ae844bab356187b597498&c6=602bf4005a444e531c1b7814&c7=6061ef6e7591bb462e199484&c8=600415dcd9cbd61a5e29f539&c9=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyA7Vi%2FUhHiw9NP%2BKAn7Wy8TB1D842GmatVZZI6IffLnSTYCBb80R1NHmKSje25UX5jLHtrLyl8r50Wv0pSWGLv43clNvoncT23kjdkfEnXodt7SRzsGbjNH3jrVhnXoPG8H0WkLZttYN6wP4TXNbHkaag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 670b7e430d9c4a68-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: -1

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=impression&cb=1626609027047&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=start&d1=vpaid&fv=3&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 426C 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 13 Jul 2021 13:30:43 GMT
expires: Wed, 13 Jul 2022 13:30:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 425991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 _htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js Show response
pagead2.googlesyndication.com/bg/ Frame 426C 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_htgYqD-D_hqupanZs0dgoAXJAmF8Earzw--3TVapKE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 21:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13252
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Jul 2022 21:05:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 426C 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.471.1&bgai=BVx9xhBX0YPP6Cs7Ab5qQouAIAAAAADgB4AQC&bg=!q6ilqOzNAAZjFomlYxY7ACkAdvg8WvWgVU2hbSsZye8Ifhgsd2m76u3CanwjZDX1D3NsG9AmiKBDfAIAAAC1UgAAAA5oAQcKAE-mfSI_CuvDfMfPNuP4YqlicdBsrkDK_W9N8Dp3oHLHbZGzHFMtQ0iVjzjejzg5l3AsjANUunyuDGmTzvZmugpmBp1EBqRXV4ggN3bLwmj5mQKbcCUdwMgryK2BfDTeaLkT_kcGc0hkdDA9DiS15F7QRjZg4YoSXLebBDrqV7jDQEwDGJBwvLNHtkYHc32qVvyNFs-Y1qj4QkkRiHR6VO2HC56iKw20vA0r4eoOYWfrU1gSkBaILrreiO3o4NcaOJLAEwxIkxh1CZ3qaVvLn7kITc9V47sg4KOPjKNHXV0YiAVJYeHLYBYKgTQ26Vtgf9SBPOfG40eb9EFFYLn2gvGpau3hvIy7Ww5A9Zhe_Z1ZuSBy1CF6301grGI_CT8KYNHSDge0wHjGVRLGZVhI7GIuD2BVZeOc_wlcStQoOi_D2YXS2EaJb692MFHiZddobcII9ac9axpvCYvrhGFMtu-2b1adaFKtEt48czwvdU0Lbfs_8SMQxbpuP_rP8qTyymiOQfhrZBxTv2GX6eBnczC3t1duI5PnSsaeGkGhSAJOC1OnYP5vL7ZgMUjlqnCxyFLoXibH-WxlwCJg1hNKmq0wsViTNxsgWXXXZOliVc3vZIGWRjb3TBSS6Ba5MOorT_oRB9PWpXToC-eoy59NOYxMAO8i3BYTCEEA6odn5eeKm70dUqttyyRmDFFwc5tkCyndcjLtaBeLfNAffbsRh0SpdcYrR4PjaqwHIEAzAAl57rKMlBhQrPRv_rDfmhCerpyShTXYC6PLIREeaX06onvGq_Jbzfsd3BTOVOIsGktumGHi-RrsjT20b4UF2muSRrzWydokEVCAE5oh5AowH4QAKTIbd8IaGjsFmTTWPxcYeQEnoUuzDK0nC0M82OZH0iz1c0Her8R5azxSmoMxjX_eASFwMSP1Yn7k9kXe0chZOGW8ZHhdDdP6OkDFl9KqMiQHv4W0dpF1uKUGEcGUZYHwnojLgdLjdOcQticTeQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D1745,0,0,0,0%26mtos%3D1745,1745,1745,1745,1745%26amtos%3D0,0,0,0,0%26mcvt%3D1745%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D426%26pst%3D427%26dur%3D6016%26vmtime%3D1704%26dvs%3D1729%26dfvs%3D1729%26dvpt%3D1729%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1745,1745,1745,1745,1745%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609036440%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1745;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624;ecn1=1;etm1=0;eid1=960584;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=videoplaytime25&ad_mt=1704&acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D1745,0,0,0,0%26mtos%3D1745,1745,1745,1745,1745%26amtos%3D0,0,0,0,0%26mcvt%3D1745%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D426%26pst%3D427%26dur%3D6016%26vmtime%3D1704%26dvs%3D1729%26dfvs%3D1729%26dvpt%3D1729%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1745,1745,1745,1745,1745%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609036440%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1745&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=firstQuartile&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:36 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D2147,0,0,0,0%26mtos%3D2147,2147,2147,2147,2147%26amtos%3D0,0,0,0,0%26mcvt%3D2147%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2147%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D628%26pst%3D427%26dur%3D6016%26vmtime%3D1953%26dtos%3D2147%26dtoss%3D1%26dvs%3D402%26dfvs%3D402%26dvpt%3D402%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609036842%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2147;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624;ecn1=1;etm1=0;eid1=200000;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6229 42 B
64 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI7VCB_xYTFAX9qzQTROoqKzHDkpH4Y0582avNe3J-lHjoOE0e62O3bQpp_qs2a-qIrGxFcuUckHt8n2x8DwJmJXnlL84r6FtDlusr1E_XsLILJbKcjvra9d4&sai=AMfl-YSdGvyRQytCz0Fg6HjAMyLOXAxUWa1VLHBOicReLN7iY1N6Z_NJTB5jZmexBlHlHzLzrPfKttRKC9nSrbrZpd_zrQ7ov0UT9CfcjGqz1C702or9cbAbWlQ33RhCtr69&sig=Cg0ArKJSzIQECkF-eCVvEAE&cid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D2147,0,0,0,0%26mtos%3D2147,2147,2147,2147,2147%26amtos%3D0,0,0,0,0%26mcvt%3D2147%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2147%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D628%26pst%3D427%26dur%3D6016%26vmtime%3D1953%26dtos%3D2147%26dtoss%3D1%26dvs%3D402%26dfvs%3D402%26dvpt%3D402%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1626609036842%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2147&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
123ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:36 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST csi
csi.gstatic.com/ Frame D392 0
0

POST csi
csi.gstatic.com/ Frame FFBC 0
0

GET
H2 200 track
track1.aniview.com/ 0
70 B 125ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=sec3&vi=100&d1=vpaid&fv=3&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D3245,0,0,0,0%26mtos%3D3245,3245,3245,3245,3245%26amtos%3D0,0,0,0,0%26mcvt%3D3245%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3245%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D828%26pst%3D427%26dur%3D6016%26vmtime%3D3203%26dtos%3D1098%26dtoss%3D2%26dvs%3D1098%26dfvs%3D1098%26dvpt%3D1098%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1500,1500,1500,1500,1500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D17,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1626609037940%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3245;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624;ecn1=1;etm1=0;eid1=18;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=videoplaytime50&ad_mt=3204&acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D3245,0,0,0,0%26mtos%3D3245,3245,3245,3245,3245%26amtos%3D0,0,0,0,0%26mcvt%3D3245%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3245%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D828%26pst%3D427%26dur%3D6016%26vmtime%3D3203%26dtos%3D1098%26dtoss%3D2%26dvs%3D1098%26dfvs%3D1098%26dvpt%3D1098%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1500,1500,1500,1500,1500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D17,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1626609037940%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3245&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=midpoint&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D4745,0,0,0,0%26mtos%3D4745,4745,4745,4745,4745%26amtos%3D0,0,0,0,0%26mcvt%3D4745%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1230%26pst%3D427%26dur%3D6016%26vmtime%3D4704%26dtos%3D1500%26dtoss%3D3%26dvs%3D1500%26dfvs%3D1500%26dvpt%3D1500%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1500,1500,1500,1500,1500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D1626609039440%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4745;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624;ecn1=1;etm1=0;eid1=960585;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=videoplaytime75&ad_mt=4704&acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26tos%3D4745,0,0,0,0%26mtos%3D4745,4745,4745,4745,4745%26amtos%3D0,0,0,0,0%26mcvt%3D4745%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1230%26pst%3D427%26dur%3D6016%26vmtime%3D4704%26dtos%3D1500%26dtoss%3D3%26dvs%3D1500%26dfvs%3D1500%26dvpt%3D1500%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1500,1500,1500,1500,1500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D25,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D1626609039440%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4745&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
123ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=thirdQuartile&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 99ms
98ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=timeSpent&env=js-web&buyer_pixel_id=2275&referer=https%3A%2F%2Fwww.soo-healthy.com%2F3559
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 127ms
127ms XHR
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=602bf4005a444e531c1b7814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 18 Jul 2021 11:50:39 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI88zA6sbs8QIVTuAbCh0aiAiMEAAYACCpt9xHOhoIofGq-QEQu6OZ9-QDGLam0d0DIMiS6I28DkITCP73q-rG7PECFc6Qewod8TcEpA;dc_rmcid=CAASFeRosXusTF9asUYe5maCe8GVdSDpnw;eps=CIhhEAEYHQ;met=1;acvw=sv%3D900%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26p0%3D1028,1302,1190,1590%26p1%3D1028,1302,1190,1590%26p2%3D1028,1302,1190,1590%26p3%3D1028,1302,1190,1590%26tos%3D6063,0,0,0,0%26mtos%3D6063,6063,6063,6063,6063%26amtos%3D0,0,0,0,0%26mtos1%3D1745,0,0%26mtos2%3D1500,0,0%26mtos3%3D1500,0,0%26mcvt%3D6063%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6063%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1632%26pst%3D427%26dur%3D6016%26vmtime%3D6016%26dtos%3D1318%26dtoss%3D4%26dvs%3D1318%26dfvs%3D1318%26dvpt%3D1318%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1318,1318,1318,1318,1318%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D31%26emuc%3D0%26emb%3D31,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483521%26psv%3D-2147483521%26psfv%3D-2147483521%26psa%3D0%26ptlt%3D1626609040757%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,6063%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02%26ss3%3D0.02;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624;ecn1=1;etm1=0;eid1=13;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6229 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHaTAgxX0YL6qM86h7gPx75CgCsPrsdFjyJLojbwOs-30_QgQASCwr-IfYPWVzoHgBKAB5eWapwLIAQWpAgGOKEV9P7I-qAMByAMTmAQAqgTtAU_QJgKFMVwsYN8gpeL0xdd1la_b9F2pxTb1xaHXAl7U7PLM0VzM-RMCe9fjT1MLE0vgmT-7DgA6Q08opcPLwelxl8Ma3SAm07l9n-yZJWG8cMNPrnNXiCv8BpbKXJZ5Ias3FDwtgFqrHMUjsrp6_LH_ckt6FSgC404S4I0teQgma53USI1upBiklU61WU1qnDxhf9zmmRcV8H6lyI9_wOaUdY-XyLSX3kyZdFzSnjFKJG8pqrHFXEoJLXSab090QtcVFKWYHWz2QrsQ-pwxTZCGvS6u24yopriM0oR8AUNlGOQNurldvrzvUoSnqsAEu6OZ9-QD4AQDkAYBoAZOgAeDmuXYAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB3yCBthZHgtc3Vic3luLTE3MTQ5NTA0MjgyMTYyODmACgOYCwHICwGADAGwE8H8_wvIE7am0d0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=6CmI4BVrq0k&label=videoplaytime100&ad_mt=6016&acvw=sv%3D900%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D1028,1302,1190,1590%26p0%3D1028,1302,1190,1590%26p1%3D1028,1302,1190,1590%26p2%3D1028,1302,1190,1590%26p3%3D1028,1302,1190,1590%26tos%3D6063,0,0,0,0%26mtos%3D6063,6063,6063,6063,6063%26amtos%3D0,0,0,0,0%26mtos1%3D1745,0,0%26mtos2%3D1500,0,0%26mtos3%3D1500,0,0%26mcvt%3D6063%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D6063%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1632%26pst%3D427%26dur%3D6016%26vmtime%3D6016%26dtos%3D1318%26dtoss%3D4%26dvs%3D1318%26dfvs%3D1318%26dvpt%3D1318%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1318,1318,1318,1318,1318%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D6850%26femvt%3D0%26emc%3D31%26emuc%3D0%26emb%3D31,0,0,0,0%26avms%3Dexc%26qi%3D194834270%26psm%3D-2147483521%26psv%3D-2147483521%26psfv%3D-2147483521%26psa%3D0%26ptlt%3D1626609040757%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,6063%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1626609034624&sdkv=h.3.471.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1MzEzMjg1NDQ1NjVA_AEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MDA3MDgyNDQyCTE1MDQxMjIwMUDGAVI1COEHEA8lAADAQCgBOgsxNTA0MTIyMDEtMUIER0RDTUhsUABaEGFFSDlFbkRsQWpZd0kxUW0YAQ..

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jul 2021 11:50:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
124ms Image
text/plain 54.172.246.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.soo-healthy.com&rs=www.soo-healthy.com&sid=55271&t=1626609026&cip=185.236.201.228&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=602bf4005a444e531c1b7814&test=&aafaid=&proto=https&uid=1626609026957-975664409562-008546-009-008286&cha=0.7&stagid=6061ffcc67d72b4ad8345434&stplid=602bffb67cace41603668460&cb=27016931588&d9=0000&AV_WIDTH=288&AV_HEIGHT=162&asid=608ae873e143d0187c6b0595%7C609b913fec6d95371b2d9ce9&pid=602bf4005a444e531c1b7814%7C59c9148628a0612da3689288&cid=6061ef6e7591bb462e199484%7C608ae844bab356187b597498&h=e5171875977061d0dd00fc5ffb066019c4df9032&d9=0000&ad=6&vi=100&ofpr=3.5&imid=af356164360fe5cb1428c17490090e41_1723156107_2513534&e=complete&ad=6&vi=100&d1=vpaid&fv=3&stk=1&cb=1626609027053
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-246-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.soo-healthy.com/3559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 11:50:40 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST csi
csi.gstatic.com/ Frame 6229 0
0

POST csi
csi.gstatic.com/ Frame 6762 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kr950nam&c=5930837046708&slotId=2965418523354&qqid=CO2wq-rG7PECFaKAdwod6rIDdA&gqid=gxX0YJCqMZD-3wO9qpTQCA&fb=ima_html5-lima&sdkv=h.3.471.1&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&uet=2&rec=show_ad-1%7CloadedMetadata-1%7Cloaded-1%7Cimpression-1%7CcreativeView-1%7Cmeasurable_impression-1%7Cstart-1%7Cmute-1%7CfirstQuartile-1%7Cviewable_impression-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kr950mvx&c=5930837046708&slotId=2965418523354&uet=2&met.4=hvd_lc.kr950mvw~hvd_src.kr950mvw&ps=288x162

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kr950rpx&c=5930837046708&slotId=2965418523354&qqid=CP73q-rG7PECFc6Qewod8TcEpA&gqid=gxX0YPLMMdPB-gb7vL7YBg&fb=ima_html5-lima&sdkv=h.3.471.1&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&uet=2&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&rec=show_ad-1%7CloadedMetadata-1%7Cloaded-1%7Cimpression-1%7CcreativeView-1%7Cmeasurable_impression-1%7Cstart-1%7Cmute-1%7CfirstQuartile-1%7Cviewable_impression-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kr950rqr&c=5930837046708&slotId=2965418523354&uet=2&met.4=hvd_lc.kr950rqr~hvd_src.kr950rqr&ps=288x162

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.soo-healthy.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: SH_InContent_1.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: SH_InContent_2_Left.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: SH_InContent_2_Right.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: SH_InContent_2_Mobile.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: SH_InContent_3.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: SH_Sidebar_1.
console-api	log	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 323) Message: Entered but didnt reach PBJS
console-api	log	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 330) Message: Entered but stopped before PBJS
console-api	log	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 218) Message: [object Object] WE HAVE ------------------------- [object Object] ++++++++++++++++++++++++++
console-api	log	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 219) Message: ****************************************** [object Object]
console-api	error	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 235) Message: Couldn't log custom impression TypeError: pbjs.convertCurrency is not a function
console-api	log	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 218) Message: [object Object] WE HAVE ------------------------- [object Object] ++++++++++++++++++++++++++
console-api	log	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 219) Message: ****************************************** [object Object]
console-api	error	URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=6061ffcc67d72b4ad8345434&AV_PUBLISHERID=602bf4005a444e531c1b7814(Line 235) Message: Couldn't log custom impression TypeError: pbjs.convertCurrency is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
adservice.google.com
adx.adform.net
ajax.cloudflare.com
amazon-tam-match.dotomi.com
amplify.outbrain.com
aniview-d.openx.net
ap.lijit.com
api.fouanalytics.com
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.g.doubleclick.net
bidswitch-eu.splicky.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.jsdelivr.net
cdn.taboola.com
ce.lijit.com
cm.g.doubleclick.net
csi.gstatic.com
d.adroll.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
nep.advangelists.com
nshr9wraulbrkbqsb.ay.delivery
p.teads.tv
pagead2.googlesyndication.com
paylo.leavy.me
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod.perf-serving.com
pubads.g.doubleclick.net
r6---sn-4g5ednls.c.2mdn.net
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.teads.tv
tg1.aniview.com
tpc.googlesyndication.com
tr.outbrain.com
track1.aniview.com
u.openx.net
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.soo-healthy.com
x.bidswitch.net
csi.gstatic.com
13.224.90.44
13.248.242.197
142.250.184.226
142.250.185.226
142.250.186.66
151.101.13.44
151.101.14.49
157.90.167.185
172.217.16.130
18.159.182.76
18.184.169.195
18.185.190.29
18.198.69.109
18.208.241.4
184.31.84.150
184.31.88.106
185.29.135.233
185.64.189.110
185.86.138.114
198.148.27.140
2.18.232.130
2.18.232.7
2.18.234.190
2.18.234.21
2001:4860:4802:32::3
2001:678:cb4:bbbb::11
213.19.147.45
23.92.190.69
2600:9000:21f3:7000:0:70b1:7080:93a1
2606:4700:20::681a:78b
2606:4700:3030::ac43:9b2f
2606:4700:3033::6815:3a2a
2606:4700:3034::ac43:ab97
2606:4700:3036::6815:38ad
2606:4700::6810:a823
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:5b::c
2a00:1450:4001:801::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9d
2a02:26f0:6c00:2ab::2c79
2a02:fa8:8806:13::1400
2a04:4e42:3::485
3.120.211.246
3.126.56.137
3.126.63.176
3.127.166.11
34.120.133.55
34.192.164.183
34.198.116.61
34.251.130.56
34.98.64.218
35.227.248.159
37.157.4.24
37.157.6.245
37.252.173.27
37.252.173.38
52.203.172.63
52.30.222.33
52.46.133.124
52.95.116.38
54.172.246.227
54.204.142.198
54.78.251.22
64.202.112.31
64.233.184.155
66.155.71.150
72.251.249.9
76.223.111.18
03f5b383664db0c060f71b32d174613916b474ce57bd7837606721ab4b844c93
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f62d14c1c8f89435e4870b5f7bcb6ed63c75f0f8f45f7fd2f7521899aad072
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c68189254b2d5bbfd8454750e7f6a776a3df0a18972340d9cb71d2d8aacc231
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
142cd25d0b899ad93ac0ddd4c17cd451d804a4f42f07fc53b3cb89f6f55e9366
17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1cdf315777c68db6cf3604dcb5974006042bbd77947730dfb9bbfd443b3e3e90
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
27a39ddbd57b8af03ca8f4d41fc906b26d66d8529e0f99e9f5ba479cdab2ce12
2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f670352652471c5e961c1992ed3813a521054aec6e2d5047de73415a6ce4f44
3231f5c502d8800ca081581154af09abb6bf371b229b50a3153390ba49d06e42
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a26bd80eda3cc203100eba680beaf03ba6ecb93ae9297c4a4a9eb47a8ea624
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3740db08818b0f0486beb99ae6167c0177f009252e2d9237d9289f86f4b4eebb
3afc8b0921603b7d5c5164f2994c6918b189a3ff95a0d3819fa0d1284af0fd82
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b477c7a8a488b212481791b669df0dfc992206b0b8976e862fb2f80a825994e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef11f7269dfe7b65572d72528dff56929869c76e8c49df15083959e1a92d4d0
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5248aed97d32d112032485001e69d9892f38ab3492db5f597f4ca337eb008f14
528a582ea998425535a5dd162b3f7fbc3fe78098a4089a31fec260fbc6c3cc79
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56832ad43e634d46d48c2cd9cc7ad80121b042bdddaaa3bd67af5fb0ce109d5c
59c846dc217e3c4aed19faf0f7fdffa70a4675840311a23c6823065e4f357bf8
60c420151119c997eb9f8c8c7ab0771775980aeba9e8c1deb96aaff93984c1e9
617d577ec6c757c45f60452ccb6838755b75cd4fb9fabc2e3ddf6385d8e8f08b
6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
71e94091c42ce2b0e0bcac6f831d4877cf170ca6bcdca3c2c9de0970a63cd21f
71f756359addc7b0d08506c6935b8563b4cb375a6b3dbc3d680155d69119f88e
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
7b8b062d287ecaea26f85160da5f8a8b9e05c227a34078140d193a4ee4142edb
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8590fa1e7064f69ca1db92da7e0a136fa11704cdc566cfab87462b6411c0c9b5
86979f9dcafdd2577084f9c35465da282de5ef01ffbd44c5d51d5a70944d0780
8ce9e4cc5d3b0fcfb20a038cdbdb7df974b3facc5caece06ec645bcfd9839c96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94f6712776df8ccc1357ac9f95948ab6bacb82a9e90d7d9da4dbdb6a1f4fc992
9585c8db7121db76c125b88f78221458601880c4ec494a519fb036e12f78d05f
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
95f25db6ede65cadd32934c1b14d6e0d14fd7de517feab50cbda4c403154eed0
9953f27b27bea302357124bc592dcc4378db075eb607d851600470aea27c9485
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe
9b04b5ebd6f660fb99cd2240860eee5d1e315d6fa524e89cde61b02283e4fce1
9b23c6e66ffd4dde4f64a24dd865430b5cfc7c70dea9fa6053c17872b0634754
9b51a11833f3d89222a52178a0ae2cc431cec38c50fdd2bebfae3347ef93e2bd
9bb46dbf7fdadc1a69827398f101c6bb10c30350373d5b04231d6b51323aca03
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
9f560a88409ec997718aa615b80adaa0baed7fcbe955bb73f6dedeebe649821f
9f68fc728f5630517460badf7b6e1454f63d4e44bee17adb7c83ab7dacd94754
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1343e259c153b2377aef5294748120cce8834d16e8b4486794917daabff816d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66587c21741db64b93bf27804294856bd691b492c94c930e013ef0f7e35a750
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
ac701962e0f928da91e6abedea5b38ac208459f46b7453e2deebad93401f1e29
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b12588e1df34c006aeb85347f5d4ed740ae9257e3df8a7ad747bf208f1e58aed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1edb4dd717d4b084384a9a93c44a6a356f9cc0e8012f94857bc71365c16f0bf
b435302427cdecf38395d78b46379451fe50ae8353b32fd062a5a20e17f6e864
b62c82bf4330bb132014a8f81a4fdca1c3c73f2f224b575f627fdcaed9fa678e
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bdd79a6e3c294ca729a3a8fd5300d3be9bd6ea4f489d5e04fd4956914ff2a0bc
c071ab90a752101d8e04ed2c9004ab97f626ddae93b775c82151795e0a54d616
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca5fd4b5e02a099039bc72df5a3deb04d061bd3d1c4d78fe78e8628846d453a4
cbc6988a47a348b00501ea7336494748360fd983cc59d77fa35de27a593ce78a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce22eafb4be807fdeeb182461e9024106a4f5d1cd78c08dd9e56241b0896c544
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d0a2f073c3451ecc8a692e20bf14b655f40538e18b6186474e9e9ef6d13299c6
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3
dfdb42851f1f44ac5488dfe2eb0414b97009112cefc9f25844c2c38107dbf8d5
e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9ae6543138288de4ff2206bd21bbfaaf3c8f7a2d69821041245256aad00cc
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
ed9d8a85752444c07d53491a1737889b4d86e194b64eaae1ed0bb8789e1ed0ea
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a7282c057157ccc4c130d338900692539064494f2ff43857ee863770abac2
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f7b42bff3b321809e6686c19f1b3425a17e5ca3febce5f6f1828ec410b131494
fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f
fcc060c1d7fdb0c34763912f562c6aa3baee74764f9ec0da3e4799be6bee0791
fe1b6062a0fe0ff86aba96a766cd1d828017240985f046abcf0fbedd355aa4a1
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

www.soo-healthy.com Open in urlscan Pro 2606:4700:3034::ac43:ab97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

257 Requests

98 %HTTPS

36 %IPv6

57 Domains

91 Subdomains

57 IPs

8 Countries

3599 kBTransfer

6921 kBSize

0 Cookies

0 Outgoing links

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.soo-healthy.com Open in urlscan Pro
2606:4700:3034::ac43:ab97 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

98 %
HTTPS

36 %
IPv6

57
Domains

91
Subdomains

57
IPs

8
Countries

3599 kB
Transfer

6921 kB
Size

0
Cookies

257 HTTP transactions
2 data transactions