recover.novodetox.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://recover.novodetox.com/
Submission: On April 04 via automatic, source certstream-suspicious (April 4th 2023, 8:27:02 pm UTC) — Scanned from DE

Summary HTTP 171 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 29 domains to perform 171 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is recover.novodetox.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 13th 2022. Valid for: a year.

This is the only time recover.novodetox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:d600:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
13	34.75.26.110 34.75.26.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	136.143.191.67 136.143.191.67	2639 (ZOHO-AS) (ZOHO-AS)
8	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4 4	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18 28	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.17.102 18.66.17.102	16509 (AMAZON-02) (AMAZON-02)
1	34.199.5.193 34.199.5.193	14618 (AMAZON-AES) (AMAZON-AES)
1 6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	52.10.142.145 52.10.142.145	16509 (AMAZON-02) (AMAZON-02)
2 6	52.214.236.0 52.214.236.0	16509 (AMAZON-02) (AMAZON-02)
3 3	54.158.150.69 54.158.150.69	14618 (AMAZON-AES) (AMAZON-AES)
4 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3 3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	3.120.68.67 3.120.68.67	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.56 18.66.122.56	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	34.195.214.14 34.195.214.14	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	136.143.190.97 136.143.190.97	() ()
171	32

44 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

recover.novodetox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:d600:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

159642.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.75.26.110 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.26.75.34.bc.googleusercontent.com

novohelp.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tdcgethelp.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:27a (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::ac43:4acf (United States) 18 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-102.vie50.r.cloudfront.net

cdn.js.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.5.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-5-193.compute-1.amazonaws.com

184079.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.10.142.145 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-142-145.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.214.236.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-236-0.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.158.150.69 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-150-69.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.68.67 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-68-67.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-56.fra60.r.cloudfront.net

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.195.214.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-214-14.compute-1.amazonaws.com

io.v2.customerlabs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.190.97 (None, )

ASN- ()

salesiq.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	novodetox.com recover.novodetox.com	1 MB
28	clickcertain.com 18 redirects a.clickcertain.com — Cisco Umbrella Rank: 3374	17 KB
17	zohocdn.com css.zohocdn.com — Cisco Umbrella Rank: 14667 js.zohocdn.com — Cisco Umbrella Rank: 14140 static.zohocdn.com	570 KB
13	wpengine.com novohelp.wpengine.com tdcgethelp.wpengine.com	130 KB
10	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	8 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	272 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 google.com — Cisco Umbrella Rank: 1	1 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1078 s.clarity.ms — Cisco Umbrella Rank: 8424 c.clarity.ms — Cisco Umbrella Rank: 1636	22 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5216	1019 B
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	469 KB
6	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 552	868 B
6	customerlabs.co cdn.js.customerlabs.co — Cisco Umbrella Rank: 119872 io.v2.customerlabs.co — Cisco Umbrella Rank: 134502	160 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	21 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 73	25 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	112 KB
4	usbrowserspeed.com 2 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 6333	780 B
4	remarketstats.com 4 redirects a.remarketstats.com — Cisco Umbrella Rank: 43369	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 407 c.bing.com — Cisco Umbrella Rank: 252	15 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	1 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 429	3 KB
3	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 594	3 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 467	1 KB
2	zohopublic.com salesiq.zohopublic.com	975 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 54603	1 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
2	zoho.com salesiq.zoho.com — Cisco Umbrella Rank: 15677	50 KB
1	hyros.com 184079.t.hyros.com
1	tctm.co 159642.tctm.co	16 KB
171	29

	Domain	Requested by
44	recover.novodetox.com	recover.novodetox.com
28	a.clickcertain.com	18 redirects recover.novodetox.com a.remarketstats.com a.clickcertain.com tag.trovo-tag.com
11	tdcgethelp.wpengine.com	recover.novodetox.com
9	css.zohocdn.com	salesiq.zoho.com css.zohocdn.com js.zohocdn.com
8	fonts.gstatic.com	recover.novodetox.com
7	js.zohocdn.com	salesiq.zoho.com js.zohocdn.com
7	www.google.de	recover.novodetox.com
7	www.googletagmanager.com	recover.novodetox.com www.googletagmanager.com
6	match.prod.bidr.io	2 redirects a.clickcertain.com tag.trovo-tag.com
6	www.google.com	1 redirects recover.novodetox.com
6	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
5	io.v2.customerlabs.co	recover.novodetox.com cdn.js.customerlabs.co
5	lh3.googleusercontent.com	recover.novodetox.com
4	connect.facebook.net	recover.novodetox.com connect.facebook.net
4	cm.g.doubleclick.net	4 redirects
4	a.usbrowserspeed.com	2 redirects tag.trovo-tag.com
4	s.clarity.ms	www.clarity.ms
4	a.remarketstats.com	4 redirects
3	google.com	www.googletagmanager.com
3	x.bidswitch.net	1 redirects a.clickcertain.com
3	secure.adnxs.com	3 redirects
3	i.liadm.com	3 redirects
3	pixel.tapad.com	3 redirects
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	recover.novodetox.com bat.bing.com
2	salesiq.zohopublic.com	js.zohocdn.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	recover.novodetox.com
2	tag.trovo-tag.com	a.clickcertain.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	salesiq.zoho.com	recover.novodetox.com salesiq.zoho.com
2	novohelp.wpengine.com	recover.novodetox.com
1	static.zohocdn.com
1	c.bing.com	1 redirects
1	184079.t.hyros.com	recover.novodetox.com
1	cdn.js.customerlabs.co	recover.novodetox.com
1	159642.tctm.co	recover.novodetox.com
171	40

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
recover.novodetox.com Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.tctm.co Amazon RSA 2048 M01	`2023-02-22` - `2023-10-06`	7 months	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-25` - `2024-04-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
cdn.js.customerlabs.co Amazon RSA 2048 M01	`2023-02-28` - `2023-10-26`	8 months	crt.sh
t.hyros.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.zohocdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-03` - `2023-10-03`	a year	crt.sh
trovo-tag.com Amazon RSA 2048 M01	`2023-03-01` - `2023-06-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-12` - `2023-04-12`	3 months	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M01	`2022-12-01` - `2023-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
hook.customerlabs.co Amazon RSA 2048 M01	`2023-02-21` - `2023-12-12`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh
zohopublic.com R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://recover.novodetox.com/
Frame ID: 0BEE2112FE1A40858EA2A99AB140A18F
Requests: 140 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Frame ID: 5DF8FB46F8A7F92FCF5463D7B6839D5D
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 3AB058E39F18EE320C5A084844AE5257
Requests: 4 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css
Frame ID: 4A2CCB53FC26CE1F82BA7B3A57F8EC8E
Requests: 13 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Frame ID: 69C6EFFE82E4A1BAD783E68F8D83C446
Requests: 5 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456
Frame ID: 05C7A4718B32985CB3EA0B2AE5B8A499
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NOVO Detox | Medical Detox & Treatment Center

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

171
Requests

91 %
HTTPS

47 %
IPv6

29
Domains

40
Subdomains

32
IPs

4
Countries

3006 kB
Transfer

7273 kB
Size

51
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/contrib/100784758771794922443/reviews
Title: Hans Mclemore

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/contrib/111654255718150575517/reviews
Title: Lynda Bowers

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/contrib/111836262202885243484/reviews
Title: David Fuler

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/contrib/102626573983801711500/reviews
Title: Aurora Summers

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/contrib/110337745242413920992/reviews
Title: Bryan Newman

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=trupathrecovery HTTP 302
https://a.clickcertain.com/px/smart/a/?c=24bee1aa8b49a9f&seg=trupathrecovery HTTP 302
https://a.clickcertain.com/px/?c=24bee1aa8b49a9f

Request Chain 92

https://www.googleadservices.com/pagead/conversion/417659142/wcm?cc=ZZ&dn=855450NOVO&cl=1BV9CKuVp5wDEIbyk8cB&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=855450NOVO&cl=1BV9CKuVp5wDEIbyk8cB

Request Chain 100

https://a.clickcertain.com/px/ta/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=677f60f8-eaf6-455c-bd36-bf2706a38897&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=677f60f8-eaf6-455c-bd36-bf2706a38897&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1

Request Chain 101

https://a.usbrowserspeed.com/cs?puid=c96d2ead-fc1c-5978-a703-af35ae661ff4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=

Request Chain 102

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 103

https://a.clickcertain.com/px/r/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=677f60f8-eaf6-455c-bd36-bf2706a38897&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d677f60f8%25252deaf6%25252d455c%25252dbd36%25252dbf2706a38897%252526anx_uId%25253d%252524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d677f60f8%25252deaf6%25252d455c%25252dbd36%25252dbf2706a38897%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=677f60f8-eaf6-455c-bd36-bf2706a38897&_li_chk=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&previous_uuid=bd731cf664634b00bc01520ed6626584 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d677f60f8%25252deaf6%25252d455c%25252dbd36%25252dbf2706a38897%252526anx_uId%25253d%252524UID&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d677f60f8%2deaf6%2d455c%2dbd36%2dbf2706a38897%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D677f60f8%2Deaf6%2D455c%2Dbd36%2Dbf2706a38897%26anx_uId%3D%24UID&google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D677f60f8-eaf6-455c-bd36-bf2706a38897%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=522215943908136076 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0

Request Chain 108

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=0a6cd5a0-d327-11ed-99e1-5d8605ad40a4 HTTP 302
https://a.clickcertain.com/px/smart/a/?partner_id=193f0456&type=img&c=24d1add2443e239&partner_rid=0a6cd5a0-d327-11ed-99e1-5d8605ad40a4 HTTP 302
https://a.clickcertain.com/px/img/?c=24d1add2443e239 HTTP 302
https://a.clickcertain.com/px/img/g/?start_cm=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1 HTTP 302
https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1

Request Chain 110

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 116

https://a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=home&partner_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648 HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=home&c=24bee1aa8b49a9f&partner_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648 HTTP 302
https://a.clickcertain.com/px/?c=24bee1aa8b49a9f

Request Chain 145

https://a.clickcertain.com/px/ta/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=677f60f8-eaf6-455c-bd36-bf2706a38897&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1

Request Chain 146

https://a.usbrowserspeed.com/cs?puid=c96d2ead-fc1c-5978-a703-af35ae661ff4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=

Request Chain 148

https://a.clickcertain.com/px/r/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=677f60f8-eaf6-455c-bd36-bf2706a38897&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d677f60f8%25252deaf6%25252d455c%25252dbd36%25252dbf2706a38897%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d677f60f8%25252deaf6%25252d455c%25252dbd36%25252dbf2706a38897%252526anx_uId%25253d%252524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d677f60f8%2deaf6%2d455c%2dbd36%2dbf2706a38897%26anx_uId%3d%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D677f60f8%2Deaf6%2D455c%2Dbd36%2Dbf2706a38897%26anx_uId%3D%24UID&google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1 HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=$UID HTTP 302
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=522215943908136076 HTTP 302
https://x.bidswitch.net/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0

Request Chain 150

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=0b82b59f-d327-11ed-888c-5d8605ad40a4 HTTP 302
https://a.clickcertain.com/px/smart/a/?partner_id=193f0456&type=img&c=24d1add2443e239&partner_rid=0b82b59f-d327-11ed-888c-5d8605ad40a4 HTTP 302
https://a.clickcertain.com/px/img/?c=24d1add2443e239 HTTP 302
https://a.clickcertain.com/px/img/g/?start_cm=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1 HTTP 302
https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1

Request Chain 154

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=18F509EB53554CBF8AE6D95CA35D4F68&RedC=c.clarity.ms&MXFR=03A8EB6FBCB161A21B82F986B8B16F66 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=18F509EB53554CBF8AE6D95CA35D4F68&MUID=185BA27A3B1B664C192AB0933A1B674A

Request Chain 166

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&label=1BV9CKuVp5wDEIbyk8cB&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&gtm_ee=1&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=FIgsZLuCK4m_9u8Plc6U8Ao&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiT25Jem15OFNIakNnLUlRak95Y2dXNXpxa19tdzZ2LWRzcENMUXo4ZW1MOXI0GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NnTzNNUkxjWF9aSmZPR3FnTk54bm13Z3NtaWZBSGNkTnZ6aWZNUVZKd3ZXdmVBZnliT09pQ2Z0 HTTP 302
https://www.google.com/pagead/1p-conversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&label=1BV9CKuVp5wDEIbyk8cB&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&gtm_ee=1&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiT25Jem15OFNIakNnLUlRak95Y2dXNXpxa19tdzZ2LWRzcENMUXo4ZW1MOXI0GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NnTzNNUkxjWF9aSmZPR3FnTk54bm13Z3NtaWZBSGNkTnZ6aWZNUVZKd3ZXdmVBZnliT09pQ2Z0&is_vtc=1&ocp_id=FIgsZLuCK4m_9u8Plc6U8Ao&cid=CAQSKQDUE5ymgReQQRF2MCp9QqRHKJz0LvUkvfnn-umgibmxSWVv8RLIyJhi&random=243603657 HTTP 302
https://www.google.de/pagead/1p-conversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&label=1BV9CKuVp5wDEIbyk8cB&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&gtm_ee=1&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiT25Jem15OFNIakNnLUlRak95Y2dXNXpxa19tdzZ2LWRzcENMUXo4ZW1MOXI0GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NnTzNNUkxjWF9aSmZPR3FnTk54bm13Z3NtaWZBSGNkTnZ6aWZNUVZKd3ZXdmVBZnliT09pQ2Z0&is_vtc=1&ocp_id=FIgsZLuCK4m_9u8Plc6U8Ao&cid=CAQSKQDUE5ymgReQQRF2MCp9QqRHKJz0LvUkvfnn-umgibmxSWVv8RLIyJhi&random=243603657&ipr=y&prhg=0

171 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
recover.novodetox.com/ 136 KB
21 KB 340ms
248ms Document
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 1dbbc175957ed50646e25dd18ef2a0cf49f68a65e5b8945d7a3a4d7e0a0a1fcb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b2c49ee3ac73616-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 04 Apr 2023 20:26:52 GMT
link: <https://recover.novodetox.com/wp-json/>; rel="https://api.w.org/" <https://recover.novodetox.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://recover.novodetox.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYn628vsxigrWjgdSxaZR5mKmrpaPLxDDHprw0OGOyhrlFMTe9SuEXMiEbEN4TJIJxt7X8KUKbAT1D1R41igYI7I%2B%2BwI2dQtCxcczfi4qpd2KsfsOS35ldnWy0i19vo8HcCnkzXW2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 7
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 classic-themes.min.css
recover.novodetox.com/wp-includes/css/ 217 B
490 B 483ms
481ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6357e86c-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCypcRfnAL3f2%2BoKvbjkSGtiHgiABBCtoW9ekKBC8wUEdQmBiYP%2B89Qcb0sHrb%2BjMnz%2FcGjFjLXDNkbuZDixdKqhxBjW3U5h3GoMNG%2FOKs52cE%2FzuAtUQQT9YUb6D%2Bl1F12Au%2BOnDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed223616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.css
recover.novodetox.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 444ms
443ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 14:51:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641db8ef-b2b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGVcKdAI9d7CX4Zpdh4JuY5yU5jeZWUXYJZkO0AwCDTqaurUn1G%2F47gUr1S%2Fqagp%2BMcdaR0jlgljnjhC3w%2FiebBc5l9hYOvHM2exomP3fAtQ6xhrK0iMIzNSJbpmrDuneWbc%2F73fJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed233616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 public-main.css
recover.novodetox.com/wp-content/plugins/widget-google-reviews/assets/css/ 17 KB
4 KB 449ms
447ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/widget-google-reviews/assets/css/public-main.css?ver=2.2.9
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e84881222bc85a742f8c37288d5edbc7deaf3b0ae535d4e9a65f12771bb32b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 07:48:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641c0460-45c0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd6YpWbdZKZsv13CExMW%2BMr%2FvIcuN3apwfFHM3VwmCHFj9Nswi%2F6SDhhY73SEQ64BncswWKweSyb8UjzgaI2APGk0lyr58tFw%2BuyVN%2FLTqBOtNO%2FenWFpHfQBv%2BL8WzkY64PS%2FSRkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed253616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wppopups-base.css
recover.novodetox.com/wp-content/plugins/wp-popups-lite/src/assets/css/ 9 KB
2 KB 447ms
445ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/wp-popups-lite/src/assets/css/wppopups-base.css?ver=2.1.4.9
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8544d575f0817b2e4735aa9b2bf9ea9ff781ebddae9bfbf4f3f129805253c2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 04:15:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ca157c-2290"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4IswfM1zabHl2zJL4hVG09zg9B2gYs4Bz3HnUI9Enz%2BZLnGX31hfJZ%2FB17eyDwKir1cMxUJCoUSgMmZgCqxZeAd32XZaknHLsoIc58aYH880SWJOTfYXchSKrzhrC3Sd01uFB4rSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed263616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-static.min.css
recover.novodetox.com/wp-content/themes/Divi/ 799 KB
79 KB 556ms
555ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/style-static.min.css?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60486d04562b6e67f0001cb496811c9d8072667b444ef9cac4b554b6c3aa3a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-c7afd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWi3KCFFY4dQYU9YaoFwnwNB0ZxMVhOCS1pjluTGnkk3HcqiE0WFqNcQcZGLUKpIQypkOkBDG6w8nW7YRwLVIo6741bQrxS7tq0TuzNbwa%2BNHZtLmzHQJEK7LuOKZ3f6ao2wDtDckA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed273616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 public-main.js Show response
recover.novodetox.com/wp-content/plugins/widget-google-reviews/assets/js/ 35 KB
8 KB 514ms
509ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/widget-google-reviews/assets/js/public-main.js?ver=2.2.9
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4adf902aa245a4754d36f472a57787a6b1a6e5c785cdbd62f0d4f80fab41b012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 07:48:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641c0460-8aab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvnzMUD51BJ2IVncxZdRclmBpKQbm3wzTHxasgKgW18WNP6kZN%2BFFFFxu5bY8zcmdLv%2FzzdZzvHKXVEtR9NDDR9QBjGKpTUB3g8AEtzH4bQo7AhT8ZhxhFkip2fx9aIUQDx6M4YXJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be1c37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 112ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193464030-1

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca3de110b0002f544794449302d03cd69bfe59b69c44a7547e5cc9fea0dec875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44927
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Apr 2023 20:26:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
72 KB 149ms
79ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-417659142

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a41a9c2e97e7bb0bf924f5fb3f384dca28466f1cd99caacc30ce92b0b81562f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73681
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Apr 2023 20:26:53 GMT

GET
H2 200 t.js Show response
159642.tctm.co/ 47 KB
16 KB 165ms
52ms Script
application/x-javascript 2600:9000:223d:d600:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://159642.tctm.co/t.js
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:d600:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: b6897a9f448d833f1f865eb8b33695180a1d1163b1ebae144a7103670575a90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: gzip
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified: Tue, 04 Apr 2023 20:26:53 GMT
server: ctm
x-amz-cf-pop: FRA56-P3
etag: W/642c880d00026f9a15adae08-159642
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0O_d-CIKanr8gbBS-kDC4TrbrLhb2qom1uxDOCtpfsDPzxDVVFQn4g==

GET
H2 200 et-core-unified-6.min.css
recover.novodetox.com/wp-content/et-cache/6/ 2 KB
903 B 445ms
444ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/et-cache/6/et-core-unified-6.min.css?ver=1679498645
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8aca07968fbdd4c7f43c787ed7af1ead2a3ddfd9ee8f037127fe1511b9ec2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 15:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641b1d95-6c8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmcQ3lo2%2FqcADj%2FeObXrVgbbuyIpu%2BG8cToumPYKAP3BpGF%2FNJNtB1%2FlfJjpyuKUNHvfRXUvQcQ1d%2FrMAsv27Y%2FhA1DS4BRPTGFDbqBw9672e2n6i2lxasTDe%2FLng7txCsoSIc0jGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed283616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 et-core-unified-deferred-6.min.css
recover.novodetox.com/wp-content/et-cache/6/ 20 KB
2 KB 445ms
445ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/et-cache/6/et-core-unified-deferred-6.min.css?ver=1679498645
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd59844217d9ec56dd0f7c71e692e6783bfa101dcd0fa52acd4fa210d919ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 15:24:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641b1d95-4e63"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK7H5K2S6%2FS3ZcZA%2F83QI1fb4PPdG4O2sYg6uCe5JcjUOIA1W%2BKGJ8Kee73Q3aqgnZCzuuWsT27pbn3MWlTOIiZuH2pHQU%2BtYqtvZp6gM4h67qQqxqywN2gp8rCirQUirXpixXA9lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49efed293616-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo.png
novohelp.wpengine.com/wp-content/uploads/2021/12/ 11 KB
11 KB 665ms
263ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novohelp.wpengine.com/wp-content/uploads/2021/12/logo.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2b3dcb4506c542e65e8eb4838fdcfffd4746876004915dca7ab9360c1605752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Thu, 09 Dec 2021 14:29:20 GMT
server: nginx
etag: "61b212c0-2d1a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11546

GET
H2 200 Google-Rating.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 23 KB
24 KB 659ms
264ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Google-Rating.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 025c8a6e4e16eeba89a12a9e84612e2d9ce4416552ce835e33854c2d46e2d982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-5d54"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23892

GET
H3 200 dashicons.min.css
recover.novodetox.com/wp-includes/css/ 58 KB
35 KB 451ms
451ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"603ffca6-e688"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OF2ZFp7SFF9BKPoXXpt4YSNi2fppxSoapr84jc28UCZb9ZbCrbFl%2FnelwQptO9v%2FfYjJBDz7moMZJynqvXoh%2BsgMurWfSfHyQf4Z%2BNRT48FMlZ6tML9WGJeJ6ZP6vrvGjIBWp1Xgwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f2fc8e37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 display-opinions-light.css
recover.novodetox.com/wp-content/plugins/ninja-forms/assets/css/ 44 KB
7 KB 453ms
453ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.1.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: daddf779c6fe0b4f382987824df0b15db65cf281f717037477a833e3b1dfd00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 02:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6411345a-aede"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY1uzl1p5I7KQ3zfpBfsBYZxhQSyVGnnflv4J25DRP4%2FnjenUoMXAXFvv04zFtI8VVl9knhRU%2BG0ORMzGcLec%2FGvT8Ezq4uK6ZFDNvmIRB%2F%2Fcsy3oxXozN8ehiC4OTPeEPA9zM9j6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f39dac37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 font-awesome.min.css
recover.novodetox.com/wp-content/plugins/ninja-forms/assets/css/ 27 KB
7 KB 444ms
444ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 02:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6411345a-6b4a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anJAqrROBG0rvLUYmft0Tz4PE1phDwObxn%2FqZC6LH0rYF%2BxkxtaDplT8l86l7SB1W5REBTqAxSk7U5SF51ApALlShe5l2dqwmuN6e9%2BxOGGaHoF9pVQW%2F7%2FjX9sdXcYlC%2BYVa8%2BXRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdce37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 display-structure.css
recover.novodetox.com/wp-content/plugins/ninja-forms-style/layouts/assets/css/ 2 KB
891 B 493ms
488ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms-style/layouts/assets/css/display-structure.css?ver=3.0.29
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:19:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21067-619"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThHE%2FmipdMVkWphBCM%2FS%2BBhWN04XzeteggrnVTHJdswzLunz77SAyBY3mXr2hOhqqqC4N9%2F7bzaKyoRMps%2BkgaH%2FTOH4D4mtAR6%2F9WSlUcd2OTScPJptbMtjCLgpYNqemRHjF9cYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bde537e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
recover.novodetox.com/wp-includes/js/jquery/ 88 KB
32 KB 453ms
448ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"632879b8-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PITnmWUfTmg0fGesO1OvrqtaB%2B7cbSFoUAs2OCd4xhLEL7lO7WOytoUtHQBTHoBrahJZ8qijivXOmy%2B%2BtbGvdXT%2F0%2Ba1wXIEbOuCC2F1XTdvNEZZ9PbkDqjRslzmHTF%2FyGEXIoUPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bde837e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
recover.novodetox.com/wp-includes/js/jquery/ 11 KB
5 KB 493ms
489ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSdPQAoSYu%2BGoTE1r2WBWEoqJ%2Ff0BWB1eGZJ%2BMnSvFhrAETDnq%2FPJF6NpnfT6jfWhauSzHTqObalSWxQCKya1gO%2Bq4fUrS7oSVcNUg2%2FbFK8%2BrpTGdtV3%2BAc3rg%2BCu3glDtp%2Fb0GuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdea37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 regenerator-runtime.min.js Show response
recover.novodetox.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 479ms
474ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6254194e-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQj61GVB2iMdiRM5yS2774P4amFb4AIw75zBiYFyWK4GYH0RccdHAV3YPLdV1aH7HJ2dVAfGHItcdNepNoSr2jtbVOTBdEnl9zQFFIjaHNXj20LqOawC%2FFqZj8LrsiHsyCOmOmzu6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdeb37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-polyfill.min.js Show response
recover.novodetox.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 464ms
459ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6329dfa1-459f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNn8mg%2FVP4Aaxd%2BBhslI%2F0VM9YLMMHthtd2%2BDIHqom%2B4u4SpKTqHCjjpulGjwvgiqsOHIocNZZoQOytxv6ww6L%2BBcPhS1IKTU3rR5oImBlUXh1aqW1SVaQ58HNQFrb9FMNiV8XqdVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdee37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hooks.min.js Show response
recover.novodetox.com/wp-includes/js/dist/ 5 KB
2 KB 464ms
460ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6254194e-132e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN%2Br%2FBf9ATLpUlj3qetl%2FYd2OMSoGWYAN9pfrMKmY3lperur33ZTn%2Ba2ZnZBjYWrbt3dBkLAkr2rzEm8O4aAYWRuP2Zc9s8AXHFyDIvow4%2FLe8dYzpNvJEJgmqqoGqM62AkgydVfAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdf237e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wppopups.js Show response
recover.novodetox.com/wp-content/plugins/wp-popups-lite/src/assets/js/ 47 KB
12 KB 465ms
461ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/wp-popups-lite/src/assets/js/wppopups.js?ver=2.1.4.9
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfaf0c0f869d41930f5578c11dbc75bdf3cb5a8a3948936309a1654000de9c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 04:15:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ca157c-bb2b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kG4J3eNKCkK%2Be%2FrYFFe5XLtI1iwMK%2FJuYlzBmm5BjjU1UeN0tO4XDmM%2B3Ijb1eVBsweGIlN5x9xcEx4xwI%2Buqi2jdTXaBnusALqYsu0WY2%2FUPi3y12CUgA%2F2zyUdnIO7krtMJklZlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdf537e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
recover.novodetox.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 451ms
447ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 14:51:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641db8ef-2801"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3prRFXDS58bANMOZtN5s5vx58vV4ZQrfqsGwfeChzXas12mhq8S%2BE74nnxTPaEMvsNR0z07mPSq%2BSITlB7tkWmiQfVCaZQne2pBgVUCayXKtAVWHziTDBuIMnXQEblvE2X5CIJCq6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdf937e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
recover.novodetox.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 471ms
466ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Mar 2023 14:51:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"641db8ef-328f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvnIpYWMV5sGtsDwYsgi%2BEYoF5fAFKa5QNvxMJJkP7LZpv2jovmYMbNdFdyxrFWnN%2Fp7LYmR%2BTwW3jWhY23sZm26uU38AOmH0Eoo0Jb9TO6yeQVrrEHRCK2RN6SXyITizw4YMHqYtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3bdfc37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 scripts.min.js Show response
recover.novodetox.com/wp-content/themes/Divi/js/ 271 KB
61 KB 567ms
563ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e083376479196a2dfe8a8875704d4ee1a268afa29ef1f0ac5c86a881df5cc02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-43a00"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fw%2Brvn9%2B2u6xMMJzhQiOz2qgkAVr%2FhFLtKbbghtH95chCs%2FWv3J6Ia0LmuZya6pcwkNF%2FJsTWbn6HH1oDH9cdhHzp1AHa5nugJl3Sv0TvCqF3EeTCB%2FkIKq51fxX8fl%2BhWFNvdatjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be0037e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 common.js Show response
recover.novodetox.com/wp-content/themes/Divi/core/admin/js/ 1 KB
1 KB 498ms
493ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-53f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLi3IJlGm%2FCIPG1%2FxAI7d%2F8UiuWDupZj76NYAjq78HagPfGSKzdP08m1a04bixdu6nzTFNURYmWRQF%2Bw9gbZHgBPjbj%2BaxcMgTS2UJNHLFpQB5WpJhvxF4I%2B%2F1E%2BArCFm2qZ6MN0fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be0337e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 underscore.min.js Show response
recover.novodetox.com/wp-includes/js/ 18 KB
8 KB 493ms
488ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63331441-4991"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5EvKq1F5AnDbGmMQi8ZYXHxTeYNQSxzHDylfDdwCwjaepKBkBpiyF%2Bn5EvHN6rY0xOV%2FBmAAVQADY%2FAq4%2Fg%2BmThWYAS7d7ow%2Fij3gIRTQrkPUM32ubA0ni7hY9iY1OlkeGz5SYcGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be0537e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 backbone.min.js Show response
recover.novodetox.com/wp-includes/js/ 23 KB
8 KB 480ms
475ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/js/backbone.min.js?ver=1.4.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a714d3e7cd0751a5f1428881d65043743826415dbdcf7b3f3bc3f938180f18da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Oct 2022 18:57:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"633f2512-5d28"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyTpmeEScX49fld1VKluMZFNrQ85KGcwf6iH%2FF8sYby0iaAQORPD32SeTeZ3QWIkpzQmKaamfP98OsAdtQUk66%2BJdSNWs%2BuoiyR7w85JRl76zIq9AjKcJoBDs7Emv%2FnzDAsKNkldpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be0937e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 front-end-deps.js Show response
recover.novodetox.com/wp-content/plugins/ninja-forms/assets/js/min/ 63 KB
19 KB 494ms
489ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.6.20
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16de6b4fe0c75d453a8ebd7d04c8d04ef8f90a0a76a7a5754ec13c853bc043f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 02:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6411345a-faaa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrvDt6chyeDxLQtxOqZyO5ky2iEFTNSCcShkzwF2Hb%2B1jR%2BGYDVjbI%2F2Pigiq7PHP9HC6v7mP2RuqiN7BfaLqECFI6fhFEmxf9xAd7q22jAySoOzHAIxNtAFpdvqA4%2BW3Uiu4O3Pow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be0a37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 front-end.js Show response
recover.novodetox.com/wp-content/plugins/ninja-forms/assets/js/min/ 101 KB
23 KB 498ms
494ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.6.20
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85dc44d286ed0ef516a9beb2fe52ad3a281a5fce174725e1a9b72f1f5c60880f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 02:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6411345a-194e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7zHspYJ%2BLgnHpOtYRr49FoICxnIzxIZbLbAK2UYRBzmtHdyBQdpmwli4Yq35jb54KTerpNYAoVEpWwYbM7s7sQ7oX2xyZ3SZzLxUyiTMXo3TEaqTRfG2pGb5hkKIe3%2B6Itvynumbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be0d37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 front-end.js Show response
recover.novodetox.com/wp-content/plugins/ninja-forms-style/layouts/assets/js/min/ 8 KB
3 KB 507ms
502ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms-style/layouts/assets/js/min/front-end.js?ver=3.0.29
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc228e912765cf8289347e62db1643b7efd84f84483d4e550ae97649f882dc0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:19:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21067-1f1f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VElExnsN2Vr1quH85QryCwJ2X%2BsqhGhd%2B8sOBmOFgvM9mWflj%2BeowoHDTjFSmwa%2BuVPKeftc%2F0r6ZXhcoHM%2Fq7SsTQ%2FSFa4McCm2JkaDaMpX%2F3YsntA77VMp5exbfiPOjqzfeds97w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be1037e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fitvids.js Show response
recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
2 KB 508ms
503ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-d15"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYyMOEVt9mnyBqmZPjCK%2Fq1PTAQp%2FL%2Bl2ui%2FVQjUv%2FnSE0lZzn%2BAq%2FyNtv2hHSLSPBlrcaff9QeqpsB%2FkUYPB3z0QTr7CrtW1EK2K8lH23%2Fb9I%2BWFphP2A7McaoykxX888C3l8pweA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be1237e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hashchange.js Show response
recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 16 KB
6 KB 508ms
504ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/hashchange.js?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92857c04210d76e4febf6a08cf182c5e9db652059579046159934f414d723266

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-3f97"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m04ITppUGhtunGXLVHsS4YKGrRCqizBm34WQepN9gA7df0PXZpJdTiHhGIyTn5Q3tSU%2B7P%2F9JvTOjMR6OyHU%2Fiju8toXYCYPL6T7qK1jmHVfXeK0RWbXuTARkSmi9gxZTU4LYz3yww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be1637e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 magnific-popup.js Show response
recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 22 KB
9 KB 509ms
504ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-5902"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Lw731OZxvC7pJr7cjFq73prEHFOVv4ripSTKNdRfNeg3vYAPTcsM0zRTzGpFDz0w3PSoiP5BPcQKPRR8Aa6NehC4h1Eid7fNsvis2ST%2FwY46iwyrbKPzRBBiuiB5t3i6rFFkP4IYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be1a37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 salvattore.js Show response
recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
4 KB 509ms
505ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.14.2
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61b21696-217e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDc%2Bzm7r1TWaVZbBFwf%2BTrhXjZ1c4lVGvu1W5M8XaTG5op3ZQi6XHa29DouBwnnaX%2Ff46mzI%2FoElJq2FBg4Nv6woRNTf53RZ8LoMoPTGxO20y4ZcHFdun7oCKq9Shrwkx9wXA6c%2Blg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f3be1b37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 142ms
54ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Apr 2023 20:26:52 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C0910C7694F4D698274ACFDF51722E8 Ref B: FRAEDGE1917 Ref C: 2023-04-04T20:26:53Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
41 KB 157ms
87ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7WK4V9

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e08fdb6c24f7e58f9fe8f7d00741f84fd05bf8fa49bb0e26c64ae54fa0e8df81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Apr 2023 20:26:53 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 133 KB
40 KB 570ms
190ms Script
text/javascript 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget?plugin_source=wordpress

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

4b0b7df8b1d4cb7fab0f25fcacf4eedae0ff425694c1d1b4044eac670dc9a166

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
Date: Tue, 04 Apr 2023 20:26:53 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
Server: ZGS
ETag: W/297b3929845f51ca23be831013bb3fb7a005df82870ab69d5fa1505373e7950d
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Connection: keep-alive
Expires: Tue, 04 Apr 2023 20:31:53 GMT

GET
H3 200 novo-detox-los-angeles-reax-around-pool.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 185 KB
186 KB 546ms
546ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/novo-detox-los-angeles-reax-around-pool.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/wp-content/et-cache/6/et-core-unified-deferred-6.min.css?ver=1679498645
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26803161016c2536fefff5e66a962f3614a529d0097df52ef3e6f838e44d4130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/wp-content/et-cache/6/et-core-unified-deferred-6.min.css?ver=1679498645
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217ba-2e46c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LzIa83SnTbi7UA6S0CuykMX5u%2BmlM%2FpFBHiUHvaRd9RZo6o0I2bZQvk5Ty%2FcbSlCxFdm5y6nfG9orCiruItDt7rW3fA%2Fn3dTzYQX1JxpLFx6g3Hhacqqo5MTzVOuCO19%2FvmFosCBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f3be1f37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 189548

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 21 KB
21 KB 145ms
79ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:34:32 GMT
x-content-type-options: nosniff
age: 35541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21516
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:12:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:34:32 GMT

GET
H2 200 ahccv8Cj3ylylTXzRBoIR-BRgA.woff2
fonts.gstatic.com/s/taviraj/v11/ 38 KB
38 KB 181ms
116ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzRBoIR-BRgA.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b9589cd602101bcc95397d7b14745bf4e049ae89ea3b492efd482fa0c9f1aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 17:31:00 GMT
x-content-type-options: nosniff
age: 10553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38704
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:16:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:31:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 22 KB
22 KB 96ms
31ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:38:31 GMT
x-content-type-options: nosniff
age: 35302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22084
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:38:31 GMT

GET
H2 200 esDR31xSG-6AGleN2tukkA.woff2
fonts.gstatic.com/s/abeezee/v22/ 17 KB
18 KB 121ms
56ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkA.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0770f5a2d562ea5334bed0b1bc9b487903997c8087e9690c2ba132ff219987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:58:06 GMT
x-content-type-options: nosniff
age: 34127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17860
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:45:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:58:06 GMT

GET
H3 200 modules.ttf
recover.novodetox.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 548ms
547ms Font
application/octet-stream 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/wp-content/themes/Divi/style-static.min.css?ver=4.14.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://recover.novodetox.com/wp-content/themes/Divi/style-static.min.css?ver=4.14.2
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:45:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b21696-168f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6KusUHNpulI%2BwewjFHkt2IvhgAD7%2F8WXR%2B5j%2FXhmKHwP1skN8fUQYYBClLEd2yN71i363oDrtyHq2ABDndZdwvNjxoUlZj16n6WKofaTrJV3k4bfpAHX51z%2F0V%2FAXgCfNnZr7tylg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f3de3437e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92400

GET
H2 200 ahccv8Cj3ylylTXzRFIOR-BRgA.woff2
fonts.gstatic.com/s/taviraj/v11/ 37 KB
37 KB 173ms
108ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzRFIOR-BRgA.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a6665bce527dc384fc831ca1be508d08bcca13ce37eeb8942aa03c63e8844ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 14:31:45 GMT
x-content-type-options: nosniff
age: 539708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38080
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:26:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2024 14:31:45 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 22 KB
22 KB 153ms
89ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1bdaf99aa3dd57a0ae937d03cc1e9097231716d15a5e1cfdfed3f8f524ec784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:37:21 GMT
x-content-type-options: nosniff
age: 31772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22132
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 11:37:21 GMT

GET
H2 200 ahccv8Cj3ylylTXzREIJR-BRgA.woff2
fonts.gstatic.com/s/taviraj/v11/ 36 KB
36 KB 161ms
97ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/taviraj/v11/ahccv8Cj3ylylTXzREIJR-BRgA.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d91dcf9ebe9f4be36343e4eafbaeb5c8408027b8055ef997a13de9ae6b58b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:01:53 GMT
x-content-type-options: nosniff
age: 512700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:57:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2024 22:01:53 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 22 KB
22 KB 130ms
66ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:34:34 GMT
x-content-type-options: nosniff
age: 35539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22212
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:34:34 GMT

GET
H3 200 joint-commission-seal.png
recover.novodetox.com/wp-content/uploads/2022/03/ 67 KB
68 KB 542ms
541ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2022/03/joint-commission-seal.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ea1cd010c7f025b1718cff727c962f3875c3ab4d388646ee757488ed9a633b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
cf-cache-status: MISS
last-modified: Tue, 08 Mar 2022 15:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62277bd8-10d85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRJqqJF3%2B4o6y5taJngQvRZOwclEfQPg5YIoG2%2BlHBGOYKFzV7vM9DV490dRySHUIvjp%2BjoTLcpBZJ2a6rKs9TALbEKDQkPkf%2F2LfpN97tnrgQHQvGi7k2OX07HT1%2F0gI8Fal90oEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f41ea237e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68997

GET
H3 200 guest.png
recover.novodetox.com/wp-content/plugins/widget-google-reviews/assets/img/ 593 B
1 KB 483ms
480ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/plugins/widget-google-reviews/assets/img/guest.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03fdba476bf32618c3a56462d7b8ace915deeb85a16bdc5f84a8abf97dc27ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 07:48:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "641c0460-251"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR%2BtSFF6%2BxZa4VXLzBj%2FusejvtQeYDmtHFsbdoA855NfEHUHc%2BOvoqXPAT8EZKvRwEAhHG06UluKYRbLPmMpzpif%2Bqhog8e2OLQq%2FLuGhgodlGqX14sx1vlMhbhGzblhV14tJNCBzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f41ea937e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 593

GET
H2 200 Humana-Logo.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 3 KB
4 KB 727ms
392ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Humana-Logo.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a87793464db4c29591450d8c074fb7d230d6974f7517244815ccd1ea1ea5d44d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-dfb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3579

GET
H2 200 Cigna-Logo.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 11 KB
12 KB 726ms
392ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Cigna-Logo.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cef398a7d9da2dc08136d8e2ba42d0715cda8c40fdd64ed9a54b78620c15a948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-2dc0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11712

GET
H2 200 BCBS-Logo.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 23 KB
24 KB 714ms
380ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/BCBS-Logo.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2e1d0c48d0707545aa1bf9ed05a709962720e94a42a0870bf077325dc8124cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-5d54"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23892

GET
H2 200 Aetna-Logo.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 14 KB
14 KB 726ms
393ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Aetna-Logo.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0bbfea67bf64ffbba2b799fb5c06d653450e649b9618812b1d0c6d3da222cc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-3607"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13831

GET
H2 200 Badge-Icon.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 5 KB
5 KB 643ms
391ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Badge-Icon.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a2c47424dede828650d40a794b65c14d2e9f7197c615fb6b5c8ca99a5710277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-13b7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5047

GET
H2 200 Phone-Icon.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 4 KB
5 KB 355ms
354ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Phone-Icon.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f7d5bd330d61ba3ab07dbe79409262057b6be7c8cd5855777a218cb773cd5a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-11a7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4519

GET
H2 200 Home-Icon.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 4 KB
4 KB 355ms
355ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Home-Icon.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 59feb71c70a87d3318521d850911665c138f4140555269b67693abde11bdf9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-e05"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3589

GET
H2 200 Handshake-Icon.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 7 KB
7 KB 355ms
355ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Handshake-Icon.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d22ce626b935790cebb90d59fb7e0bfc67506beaa7ed93eb2250fd8003f2226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-1ca8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7336

GET
H2 200 Pill-Icon.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 5 KB
5 KB 356ms
355ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Pill-Icon.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4249296e7e8e35f7b9238c9db332e11c8b6d8b230e4fe36e5ba3362ec799c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-1477"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5239

GET
H2 200 Checkmark-Icon.png
tdcgethelp.wpengine.com/wp-content/uploads/2021/10/ 4 KB
5 KB 356ms
356ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdcgethelp.wpengine.com/wp-content/uploads/2021/10/Checkmark-Icon.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ec47851c7f2b4e94b9d180e7d5562c12c73bcbdb29d2b3d04b9d692cc3c16220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
last-modified: Wed, 08 Dec 2021 09:17:30 GMT
server: nginx
etag: "61b0782a-1181"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4481

GET
H2 200 137021427.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 130ms
130ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137021427.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

550744165dad97d58141272b528c3cc03f8a2d50c1a95ddd29b921138705713d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 04 Apr 2023 20:26:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1B37030C28F467EAD69D8C46FD4B0DC Ref B: FRAEDGE1917 Ref C: 2023-04-04T20:26:53Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1497

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 103ms
29ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193464030-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Apr 2023 20:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1301
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 04 Apr 2023 22:05:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
72 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-417659142&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193464030-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

376dc1078c199456079280d24578f1913c8b48cee1a5e724fbaa586a7ccee6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Apr 2023 20:26:53 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=trupathrecovery
https://a.clickcertain.com/px/smart/a/?c=24bee1aa8b49a9f&seg=trupathrecovery
https://a.clickcertain.com/px/?c=24bee1aa8b49a9f

3 KB
2 KB

248ms
205ms

Script
text/javascript

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24bee1aa8b49a9f
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a647847e4415a510c572ab3fdf8b43d2111026e7ff344d8bf98dab8a299e889e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
content-encoding: br
x-frontend: cc-nginx-64757f797b-jdrll:cc-nginx-64757f797b-jdrll
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: b77044ff-856c-4bee-bd2f-4b2fd39dd92a
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee8ijNXGaKk%2FsjsTA%2FxxheQXaEJqf%2BZuwq1oJUlsqylbRVYDv%2BX5WyYTg5MANjK26Lu700I6tua7VtjMnhxUFQ64i%2FzQEt%2BCjWVVx%2BuUw2L4dbet2GiXFYarYS0N%2FCgwdDqZ6ovJ34Nz6SdWobJO9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7b2c49f94c5591cf-FRA

Redirect headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-frontend: cc-nginx-64757f797b-68cwr:cc-nginx-64757f797b-68cwr
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: c31c9d11-19b9-41c1-a261-a2a02f5058fb
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1BGhee4sW2KWYwG%2FqbRCu3SxUBDgM65dMQd1lPSCoTnAUczIF5p2WjTIbgnc2AM7A3FoORINmFIlt4Qiuk5dJuDEculwD5PAuWJd1mRi9nr%2BnxHpaBCskIPA%2BPibr1pGPpHtrJC8R7Ahd1IGbJvGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24bee1aa8b49a9f
cf-ray: 7b2c49f7dae791cf-FRA

GET
H2 200 cl468714yf3uz9.js Show response
cdn.js.customerlabs.co/ 159 KB
159 KB 795ms
676ms Script
binary/octet-stream 18.66.17.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.js.customerlabs.co/cl468714yf3uz9.js
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-102.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a43a17c8053b1540584bbedfe1e864cef3765e3e9fead491744751b77f75567

Request headers

Referer: https://recover.novodetox.com/
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
x-amz-version-id: oRr1am7gTbmYJgILTk4L7scNG1NLT1rQ
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 162363
last-modified: Wed, 25 Jan 2023 15:50:35 GMT
server: AmazonS3
etag: "c8d3afbedd50c3a2d688adedb334a8c1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, x-amz-meta-custom-header
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: sHrYAFIWroPf5hBpn4xOXVttHFIXm_cYl_Hr4xSABvc5HBNQiKzJLA==

GET
H2 200 universal-script Show response
184079.t.hyros.com/v1/lst/ 0
0 405ms
127ms Script
text/javascript 34.199.5.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://184079.t.hyros.com/v1/lst/universal-script?ph=0d2f59805414ae6c1594cbe0c765f069d6b5531b4658e828f101a79d4c2a14fe&tag=!clicked
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.5.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-5-193.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
85 KB 48ms
44ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0QXYDY3BP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7WK4V9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36ba4f81bcac8c8bc0844cea2c7afe83d1fc809eaa1f4c15650e376619c74eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86792
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Apr 2023 20:26:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
83 KB 51ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4WFJKEWSD2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7WK4V9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c2c76d0202f566e30a9efb48493706b2e2aaafdccf4cf7ddca3e85d49c309cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Apr 2023 20:26:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/417659142/ 3 KB
2 KB 150ms
73ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417659142/?random=1680640013649&cv=11&fst=1680640013649&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417659142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2a46dd077f95c893ab73345547a2981f543ba44ae9f7eeb8e46d7a15cd2424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1222
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 98ms
31ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417659142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Apr 2023 20:38:48 GMT

GET
H2 200 137021427 Show response
www.clarity.ms/tag/uet/ 803 B
1 KB 240ms
127ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137021427
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137021427.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1a29d402641f0f50873526ff6fc1d52c4123a52320a66ff82334c3eddd9dc9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 04 Apr 2023 20:26:53 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0DogsZAAAAADx8CpRRm5ZTqebsRJM8sElRlJBMzFFREdFMDkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 38ms
37ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=982654801&t=pageview&_s=1&dl=https%3A%2F%2Frecover.novodetox.com%2F&ul=en-us&de=UTF-8&dt=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1040748597&gjid=1987007205&cid=41120696.1680640014&tid=UA-193464030-1&_gid=271526015.1680640014&_r=1&gtm=457e3430&jsscut=1&z=527627263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 138ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M0QXYDY3BP&gtm=45je3430&_p=982654801&cid=41120696.1680640014&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1680640013&sct=1&seg=0&dl=https%3A%2F%2Frecover.novodetox.com%2F&dt=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0QXYDY3BP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 139ms
42ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4WFJKEWSD2&gtm=45je3430&_p=982654801&cid=41120696.1680640014&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1680640013&sct=1&seg=0&dl=https%3A%2F%2Frecover.novodetox.com%2F&dt=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4WFJKEWSD2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/417659142/ 42 B
455 B 151ms
52ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/417659142/?random=1680640013649&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1084442890&rmt_tld=0&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/417659142/ 42 B
455 B 123ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/417659142/?random=1680640013649&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1084442890&rmt_tld=1&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.min.css
recover.novodetox.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 481ms
481ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636e62ad-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zczrUHIeFoeyim7y8b6XbwhbIFirsbZNg7EReEIHoxKIB5JzycIKyT9FF75bLuSdG%2BkNsu%2BgDFVFmDSiewltmFQVQdZqu4WDx4FUwflrns5Z%2BzOqvOBylDzSzG1e2idtPlbKaMNEqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7b2c49f75bb237e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
55 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 09:21:19 GMT
x-content-type-options: nosniff
age: 299135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55675
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 09:21:19 GMT

GET
H2 204 0
bat.bing.com/action/ 0
285 B 56ms
56ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137021427&Ver=2&mid=be8473bd-caab-4034-9976-f2f15149975b&sid=09d8fc80d32711edbd4f6f5f37f06912&vid=09d92140d32711ed955e758030f7f6dc&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&p=https%3A%2F%2Frecover.novodetox.com%2F&r=&lt=1665&evt=pageLoad&sv=1&rn=299830

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Apr 2023 20:26:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 639F846EF18B487EA736608A995B0698 Ref B: FRAEDGE1917 Ref C: 2023-04-04T20:26:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AOh14Gh4FcycTy84lFLpuPC0ZwvwyvoSmufyrNZbwRaQ=s56-c0x00000000-cc-rp-mo
lh3.googleusercontent.com/a-/ 8 KB
8 KB 625ms
516ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gh4FcycTy84lFLpuPC0ZwvwyvoSmufyrNZbwRaQ=s56-c0x00000000-cc-rp-mo

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf3877ae383aa387a9c9a57639fd70e390e86d45c88d81968d5266e7b545cb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8371
x-xss-protection: 0
expires: Wed, 05 Apr 2023 20:26:54 GMT

GET
H2 200 AATXAJzDwapc_ZxfjShWulte9IB3WPA1PQtt8sNmX-c=s56-c0x00000000-cc-rp-mo
lh3.googleusercontent.com/a/ 1 KB
1 KB 295ms
186ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a/AATXAJzDwapc_ZxfjShWulte9IB3WPA1PQtt8sNmX-c=s56-c0x00000000-cc-rp-mo

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

95a29e7c662ae4e28e4064788ced1c863a480a2f26037f0f4e278397c0569b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1173
x-xss-protection: 0
expires: Wed, 05 Apr 2023 20:26:54 GMT

GET
H2 200 AOh14Gj44SukBoDCjGaB4ktNz7hvdM1tnTOb8wrQhaAH=s56-c0x00000000-cc-rp-mo-ba2
lh3.googleusercontent.com/a-/ 7 KB
7 KB 488ms
378ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gj44SukBoDCjGaB4ktNz7hvdM1tnTOb8wrQhaAH=s56-c0x00000000-cc-rp-mo-ba2

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2f51b43c4f1892d2d8840a888490afb5b52802f4e35cb84bbe36a822b1bc0d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6754
x-xss-protection: 0
expires: Wed, 05 Apr 2023 20:26:54 GMT

GET
H2 200 AOh14Gg05S72nqvhGPCSil3EUAg29D09hevez1G7h5NE=s56-c0x00000000-cc-rp-mo
lh3.googleusercontent.com/a-/ 7 KB
7 KB 493ms
384ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14Gg05S72nqvhGPCSil3EUAg29D09hevez1G7h5NE=s56-c0x00000000-cc-rp-mo

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b95d245dcb6b43ce640956e2941b0dd6028b64327041fe3794a83896a509350c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7541
x-xss-protection: 0
expires: Wed, 05 Apr 2023 20:26:54 GMT

GET
H2 200 AOh14GiYKvCyRFgJhlB2zNi3QhMKqygQ0dggSfeV-H2o=s56-c0x00000000-cc-rp-mo
lh3.googleusercontent.com/a-/ 1 KB
1 KB 149ms
42ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/AOh14GiYKvCyRFgJhlB2zNi3QhMKqygQ0dggSfeV-H2o=s56-c0x00000000-cc-rp-mo

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

69ec8c65f4b4fc1ca9454dff01ff4732ec087197976550ed74565ac1ab9abfe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1119
x-xss-protection: 0
expires: Wed, 05 Apr 2023 20:26:54 GMT

GET
H3 200 novo-detox-7-400x284.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 93 KB
93 KB 559ms
546ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/novo-detox-7-400x284.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5243fd876f8a46b67bd23964cd1b39ff8ba2eb614543726f9a876df8443e17ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217b7-1726f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqJ1GqMuVKA89I4Q02FEPEb8Q14yo%2BeOIEUJMxgKe68Rq3iNFzYmFh5ucR0FtpUt0oUuKbM6Avlbbw%2Bl7NM9qnXOsxrUkbEbPZai6NzYDm%2B%2FOkVPUDpQomKkRiYWr2oca7dYdULo4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f87db237e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94831

GET
H3 200 novo-detox-5-1024x683-1-400x284.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 60 KB
60 KB 568ms
554ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/novo-detox-5-1024x683-1-400x284.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5770f310b74c597638b0bce2befc0edea22454df2aaaad3b2c8f8231bff375c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217b5-ef27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUxiinLyJDg46%2B3UCV84nkxnziE4kbp8mKYh7dcYCIUTMq0b2SFidy5oYPVD2xl3Ybr%2B%2FEtXUoabGN6Lot3Ls0c%2BiDdYaa0KDxzIy5wzPwK8zHMxVMpYr95cMF44KZypiqF9G9eygQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f87db637e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61223

GET
H3 200 novo-detox-1-1024x683-1-400x284.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 55 KB
56 KB 354ms
339ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/novo-detox-1-1024x683-1-400x284.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbce3d1d856be0de5bdd7788ca52dbdad4834f06d26977ce2853e0502be38619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217b3-dce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8%2F4Wn3H66Dv9Qo5b25VXAtVj3LXG2Vc5f1LMssdroioJSUwGqw%2BUa5Aqf4aYAXRfQdlmf9BwDt102nHhX71BfmCVVQjX%2FmuvH9LGmZwcWrsCCqETft6GAqLCXi5dJ0Yki1o7REQZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f87db937e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56547

GET
H3 200 novo-los-angeles-real-estate-20170810-007web-1200x800-1-400x284.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 53 KB
53 KB 562ms
546ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/novo-los-angeles-real-estate-20170810-007web-1200x800-1-400x284.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc4d4eb7108c9f6652c4e3c08cfb2838b33bb8e7c454368ee0b175363159064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217bd-d41d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHjcWIhIMaIzfbGjtmerBfzuaH6jFxV07IG1md%2FPRBbdaXY0Z5mCOfrq3BXr9II4qfQ4a5%2BWKSHnCST0XaZ3gswwLSyh2spR66Sl0aTi7yO4eMxTpob1DwrNDVuP%2FjuInSztRw%2BuVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f88dca37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54301

GET
H3 200 novo-los-angeles-real-estate-20170810-004web-1200x800-1024x683-1-400x284.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 22 KB
22 KB 459ms
444ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/novo-los-angeles-real-estate-20170810-004web-1200x800-1024x683-1-400x284.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea760008cc69c29a8cb1ce39496e0c699dd0f8a4f02726ab555b3b0f9def28b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217bb-566c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0Wu0LKJa3y1Pl4dM%2Bc6p5SnardkS5HWfQWxmwHYQOyJA47duJsvB7%2BQECM1Ogx4Ogs6PwF5Clkfva9f86%2BDQbePvwoZntW7Yf1ZW0AiiTP3kuYGDyEXND4l65JXfZ5Wl1oGiwDJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f88dcb37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22124

GET
H3 200 dine-at-novo@2x-1024x880-1-400x284.jpg
recover.novodetox.com/wp-content/uploads/2021/12/ 35 KB
36 KB 468ms
453ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recover.novodetox.com/wp-content/uploads/2021/12/dine-at-novo@2x-1024x880-1-400x284.jpg
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1725aecf1e4b2ab0dd12adb76284a91b0131368f8051123640fd613625fbeb73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Dec 2021 14:50:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b217b2-8c5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgWUKF%2FvR1fYhq9R2z5aXHt4TQ6JyB69G2FEf4ixMORb9Y%2FHffNc2EYu01jDzTn9xAl243Ysd9e0%2FeExnai3FP9Vt5BJxi6rYS6wChNWwXf62VBc0aALBhpI3OHM%2BK8QkAtuV1E6mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f88dcc37e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35931

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/417659142/wcm?cc=ZZ&dn=855450NOVO&cl=1BV9CKuVp5wDEIbyk8cB&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=855450NOVO&cl=1BV9CKuVp5wDEIbyk8cB

80 B
244 B

85ms
37ms

XHR
application/json

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=855450NOVO&cl=1BV9CKuVp5wDEIbyk8cB

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: null
content-type: application/json; charset=UTF-8
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0

Redirect headers

date: Tue, 04 Apr 2023 20:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=855450NOVO&cl=1BV9CKuVp5wDEIbyk8cB
access-control-allow-origin: https://recover.novodetox.com
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 fontawesome-webfont.woff2
recover.novodetox.com/wp-content/plugins/ninja-forms/assets/fonts/ 65 KB
66 KB 557ms
556ms Font
font/woff2 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://recover.novodetox.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.1.1
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 02:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6411345a-10440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJqgekSy4KuOSsMA7%2FP%2Bph6ZM3nDmieeCLzKXQc7sfGR3QmLNMBZQpH1xsSJpvK3aX96biADXDPNVQxnIcQpKtpTiZu6Sd7s%2Bgi%2BB%2BFj4a2U2rO2MdXRhsvT0S15ox0njCVsqsw7%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b2c49f8fe9637e0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624

GET
H/1.1 200 website Show response
salesiq.zoho.com/visitor/v2/channels/ 22 KB
10 KB 275ms
247ms XHR
application/json 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/visitor/v2/channels/website?widgetcode=158dd305282496dd12b7e19c024742b618d68e2d0432f5050252a8d14dff4623&internal_channel_req=true&language_api=true&browser_language=en&current_domain=https%3A%2F%2Frecover.novodetox.com&pagetitle=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&include_fields=avuid

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

ed3cfa7b4e54f817705b41842e5852870bf7496e039e2f851dcdaa35dc2011f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:26:54 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1
Server: ZGS
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://recover.novodetox.com
Content-Language: de-DE
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Encoding: UTF-8
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c-sc/s/0.7.6/ 56 KB
19 KB 63ms
30ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c-sc/s/0.7.6/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/137021427
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:53 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-azure-ref-originshield: 0PTAsZAAAAAChMzLVk6jHRYV1aEXn+utgRlJBMjMxMDUwNDE3MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d9664092258d8a"
x-azure-ref: 0DogsZAAAAABg1Zg/wi0TTo9rbZNsJG4+RlJBMzFFREdFMDkyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
301 B 579ms
262ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c-sc/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:26:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 5DF8 1 KB
981 B 290ms
286ms Document
text/html 2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=trupathrecovery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae689ef158531358d6b100ebb4cca30218905c2cf57e554b7d705cc27bf49a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b2c49facde491cf-FRA
content-encoding: br
content-type: text/html
date: Tue, 04 Apr 2023 20:26:54 GMT
etag: W/"Njc3ZjYwZjhnZWFmNmc0NTVjZ2JkMzZnYmYyNzA2YTM4ODk3LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5x4S49z3uSEHoM%2FYu6Th2Kn41K9yEjjSGj23Lv0Tfzh22p9IHGiSSh7fncNlxyb5QzA0EFikUADJ7BKncpPpLrhRb%2BjjlnljVjryq%2FRuWGUHDhk83KFo5X%2Bkn9%2FLok%2FgnEf1VBtJATI%2FL2%2BhUUU1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-64757f797b-mw6gl:cc-nginx-64757f797b-mw6gl
x-requestid: d82ad027-7afd-4100-a68c-0245a5581ad0

GET
H2 200 buttontheme1_2e2fdd44136c734caea2fd47ebfd3209_.css
css.zohocdn.com/salesiq/styles/ 48 KB
12 KB 535ms
429ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/buttontheme1_2e2fdd44136c734caea2fd47ebfd3209_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

79a328429c2ed4f6e61dce36d8146719d2f24bc1d388cf41f63ac3ce2d850592

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11588
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:23:36 GMT
server: ZGS
nb-request-id: 37759f989adf7dd6451432a30fe87bd3
etag: "65b8401d30af8e1556c68edba7825de0"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-80c58414a19d43ac84b24a966dabe980
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 newbutton_ec01f33b85311664507f4c5df9e97ad2_.js Show response
js.zohocdn.com/salesiq/js/ 33 KB
12 KB 544ms
438ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/newbutton_ec01f33b85311664507f4c5df9e97ad2_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

1acdd35bb2ff4cc62a46ac39032bfcc8415687f2e5baabb9616e3ede36a5871c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11238
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:24:02 GMT
server: ZGS
nb-request-id: 5bd736a84ea3c499de733acfaf8f84a1
etag: "986e8f97af04aeb0823e9a11fccbcea0"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-45d31550035647e2a00220c7ac9affb8
accept-ranges: bytes
timing-allow-origin: *

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 5DF8
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=677f60f8-eaf6-455c-bd36-bf2706a38897&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=677f60f8-eaf6-455c-bd36-bf2706a38897&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1

0
494 B

157ms
143ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
x-frontend: cc-nginx-64757f797b-bdhm9:cc-nginx-64757f797b-bdhm9
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: c14152fb-9e6d-4494-8f1a-d16f1ac21edd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdZiXW1f0NyX%2FDNPcwg18fNxGylsXuBNHJf05nSCTorAy7iQVMIT14tSxiR%2BQPBFd9I1EPXzLqQdSuwHIYYz6tboHlSgUU5UuI8GZfVO1tYuH%2FpQ8oCylOV2cPgeKwo4NbDLL9OI9UkgOm955pibsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b2c49ffbaf791cf-FRA

Redirect headers

date: Tue, 04 Apr 2023 20:26:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 5DF8
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=c96d2ead-fc1c-5978-a703-af35ae661ff4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=

0
357 B

305ms
304ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
x-frontend: cc-nginx-64757f797b-mw6gl:cc-nginx-64757f797b-mw6gl
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 48cd5071-6d7a-4807-b718-e9f6ca7a9faa
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyANrKBjqOuRg4EoETm%2BjM5h5bdf%2BoMfyFOO0jeATsVJGBLui8QhYhhumLUTxkG794wSQjsfevjrPnrzGcNTdqFA7G6PJAD%2FUsEYVvEGU4eTVO0YPqsyaZOWF6v42LjEAG1U46opnmOtoupEuvXz4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b2c4a029d7a91cf-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=
date: Tue, 04 Apr 2023 20:26:55 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 5DF8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

375ms
55ms

Image
text/plain

52.214.236.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE

Protocol

HTTP/1.1

Server

52.214.236.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-236-0.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Tue, 04 Apr 2023 20:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 5DF8
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=677f60f8-eaf6-455c-bd36-bf2706a38897&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D677f60f8%2Deaf6%2D455...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=$UID
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D677f60f8-eaf6-455c-bd36-bf2706a38897%26anx_uId%3D%24UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=522215943908136076
https://x.bidswitch.net/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0

43 B
344 B

30ms
30ms

Image
image/gif

3.120.68.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Server: 3.120.68.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-68-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0
date: Tue, 04 Apr 2023 20:26:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 3AB0 490 B
761 B 210ms
45ms Document
text/html 18.66.122.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-56.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 56cff97e7fe5e25830efc4b449eb38041f85358c1f41368d1b47506a6865b815

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Tue, 04 Apr 2023 20:26:55 GMT
server: CloudFront
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id: A-pwR5YVdGG-p6YihHC0U6VIeX8czRVmvHiZ8Gjb5l3lKjYLsUfQNQ==
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 110 KB
29 KB 109ms
31ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9efbdb8744598d9c718568a6b594ffb62ebe6f4023de616ef4d12ff05cb433e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Apr 2023 20:26:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28399
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2MRZ81WnjNU+aRIqqAuUf16QJgWBSohJcFsB4DfsbP+ci7AkDC949jSjW1hrkZ8awwJU3MbOjhalygc47OFIsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
72 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193464030-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9b885fad5de458413b37ebb091d4fdcdff50cf6ed0103e97a9c2f63f7ac9f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73254
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Apr 2023 20:26:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/ 3 KB
1 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1680640015041&cv=11&fst=1680640015041&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9375e587b58b6374935074999e89e3f245ed0711b44846706300d4bfa47e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1222
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
a.clickcertain.com/px/img/g/ Frame 3AB0
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=0a6cd5a0-d327-11ed-99e1-5d8605ad40a4
https://a.clickcertain.com/px/smart/a/?partner_id=193f0456&type=img&c=24d1add2443e239&partner_rid=0a6cd5a0-d327-11ed-99e1-5d8605ad40a4
https://a.clickcertain.com/px/img/?c=24d1add2443e239
https://a.clickcertain.com/px/img/g/?start_cm=1
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1

0
469 B

671ms
671ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
x-frontend: cc-nginx-64757f797b-vcjpd:cc-nginx-64757f797b-vcjpd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: f242a1e6-8d93-4924-ac86-087b649b6b53
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FZ3fYSkO1QQYteAVAxFFmmTInFFUQ56f5HirgKkaRk3qh7jmebgiYrEGfXY7lPl3WG1viOxyGYgahNqcxvc%2FP8o4vdkXTi4NELpgauxkEssm75i8bWu051n2N5X5p50huqaSwJA8dTZAJIYXYhKVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b2c4a05d87991cf-FRA

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 3AB0 0
149 B 578ms
228ms Image
text/plain 52.10.142.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.142.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-142-145.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
server: awselb/2.0

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 3AB0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

113ms
57ms

Image
text/plain

52.214.236.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Server

52.214.236.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-236-0.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Tue, 04 Apr 2023 20:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 33ms
31ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Apr 2023 20:26:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ah+AVydDBXRQfqHhxzeEt8UeBP1//pAemGCWpZIOTLGENRjCbd6Zpy48ah9qiDBHkZ5GL72JIBC3+EcPwgZ33w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 874753729204982 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 495ms
494ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/874753729204982?v=2.9.100&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

695e4af2e0c3efd05fd5148cd73ae97095837a57f1b9d289b2294b45af15879f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Apr 2023 20:26:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9g2rvK8Dg+s5l1kKt72HhaVRk7uYE9AE/LDKloX1E5fkFztFJ0RWtmc6E1eRfu2H7DM5QyyDkGg9BOXtE+gFTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 float_8be4374c3228dfc95e54d8ea8096342a_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 1 KB
1 KB 131ms
35ms Font
font/ttf 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/float_8be4374c3228dfc95e54d8ea8096342a_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/buttontheme1_2e2fdd44136c734caea2fd47ebfd3209_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

5a97624cffe3f1b21127be4b588587d68f520fbe80aae2bb3acbdde17c0ea141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/buttontheme1_2e2fdd44136c734caea2fd47ebfd3209_.css
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 906
x-xss-protection: 1
last-modified: Wed, 16 Nov 2022 12:59:57 GMT
server: ZGS
nb-request-id: 7107a0768611afcd81345828224acd05
etag: "4c5578b6975e326c3bfea8954ffaa2d4"
vary: Accept-Encoding
content-type: font/ttf
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-56c886d01da14a7d9e1703d0330c436d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/417740078/ 42 B
108 B 71ms
50ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/417740078/?random=1680640015041&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3991474450&rmt_tld=0&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/417740078/ 42 B
64 B 79ms
66ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/417740078/?random=1680640015041&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3991474450&rmt_tld=1&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=home&partner_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648
https://a.clickcertain.com/px/smart/a/?seg=home&c=24bee1aa8b49a9f&partner_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648
https://a.clickcertain.com/px/?c=24bee1aa8b49a9f

3 KB
2 KB

555ms
554ms

Script
text/javascript

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=24bee1aa8b49a9f
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631b17bac810e312d782e29862030cb220e1cf49f694ead531e110bad9788fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
content-encoding: br
x-frontend: cc-nginx-64757f797b-vcjpd:cc-nginx-64757f797b-vcjpd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: f48dc477-cfae-45e9-b0e6-26e901f867c2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gA7RB2t7VyTijvqhWoqrDuKtVM5nc0iZ%2Bf6vTxga3Gd7UUHdrGfag6F2pN6kiRNyi6qOMgKLL8PdDRw7ptl8VCTiT0Nn725E2bPEsDL1cbNAA17YO%2FOXQ3361VNFvkOAFK3LU0HI7cZHJpO9q6wxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7b2c4a04af4c91cf-FRA

Redirect headers

date: Tue, 04 Apr 2023 20:26:56 GMT
x-frontend: cc-nginx-64757f797b-jdrll:cc-nginx-64757f797b-jdrll
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: c710df1a-0e2a-4ec3-aa3c-24302cc29ea0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2osw5m79IO7DJJEe%2BoxAg8dlea5Tbpo3OOw2KlphQoNtchoutFNjMme3qedEADtkwIwndc2HU5vOK7jg6rPMUSRlboE9uMBPOteFEofIUgXew7vafZVLSlbr1bsx0Ak9hLB7GkNbC%2Blqw7DwYZc15A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=24bee1aa8b49a9f
cf-ray: 7b2c4a019c9191cf-FRA

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 604ms
187ms Image
application/json 34.195.214.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&id=cl468714yf3uz9&uid=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.214.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-214-14.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
301 B 114ms
114ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c-sc/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:26:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 buttonthemepostload_f0f4e07c8145806126345918267a21f2_.css
css.zohocdn.com/salesiq/styles/ 67 KB
16 KB 71ms
70ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/buttonthemepostload_f0f4e07c8145806126345918267a21f2_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/newbutton_ec01f33b85311664507f4c5df9e97ad2_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

fb89c81abb4f5f5d0756db47466a865c49935156d16fb2187652860f3b85de37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15364
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:24:05 GMT
server: ZGS
nb-request-id: 8edb9765efe7eac7fba347327e323622
etag: "e9d656c7c85e35e37f46f659d518a492"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-bef10fc3f70e4b44b26195429ad40ea1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css
css.zohocdn.com/salesiq/styles/ Frame 4A2C 232 KB
52 KB 130ms
128ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/newbutton_ec01f33b85311664507f4c5df9e97ad2_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

7fdd9779bc4e0722884e5ee2302cfd6ea8bd38da119aa3cb3069aef611ef87db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53172
x-xss-protection: 1
last-modified: Wed, 15 Mar 2023 10:17:23 GMT
server: ZGS
nb-request-id: fcede073dd78293cb3fd4b13ee16ced4
etag: "82eb9725b90eb6774bb4c3b43e0330b3"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-2d5ce6acf7c34aa7a6e818c96025484e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Mar_27_2023_3_wmsliteapi.js Show response
js.zohocdn.com/ichat/js/ Frame 4A2C 22 KB
8 KB 73ms
71ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/Mar_27_2023_3_wmsliteapi.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/newbutton_ec01f33b85311664507f4c5df9e97ad2_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

a06db01a3879f630d97601258aa64f9ed2f8cdeaddfa2a783edfee5203a69d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7862
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:42:22 GMT
server: ZGS
nb-request-id: b024e8bebcc1e0715cb3809fc73eeb0d
etag: "8189ca7ac89d57895f698e49ebd73550"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-298d89d255e744e5a6d95d729bb49aea
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 siqnewchatwindow_cc19413febfa1386f1ca65949cfc9e99_.js Show response
js.zohocdn.com/salesiq/js/ Frame 4A2C 1 MB
327 KB 109ms
108ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/siqnewchatwindow_cc19413febfa1386f1ca65949cfc9e99_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/newbutton_ec01f33b85311664507f4c5df9e97ad2_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

471c57f9b959cc756df1904eaa3fd848910b6529fd689dfa9c1a8bd72f82568c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 333918
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:23:41 GMT
server: ZGS
nb-request-id: 5207ba4b133cfa9a2ee9c5eaae996b64
etag: "6393647fafe4877dffdc303f7ad053d6"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-81b5956f64c1488caff8ad911fb782e1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 resource_a7b375533953a96a65527b9965f2618f_.js Show response
js.zohocdn.com/salesiq/js/resource/embed/ Frame 4A2C 48 KB
15 KB 322ms
321ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/resource/embed/resource_a7b375533953a96a65527b9965f2618f_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/newbutton_ec01f33b85311664507f4c5df9e97ad2_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

7a2680ef9a764485f4c4b0cf0e80c4ba1deb90ecd98b37300b9b77a4d0e18d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14848
x-xss-protection: 1
last-modified: Mon, 27 Mar 2023 14:23:58 GMT
server: ZGS
nb-request-id: 07376d99dbbb95f6fbaa0943e3dea97b
etag: "51e65725ef7d62f743c536f4366731ae"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-e203d5cabe3146959f8405118ee62b48
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 siq_df7a33e7f9075cf8e624bd35984c7262_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 12 KB
9 KB 37ms
37ms Font
font/ttf 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/siq_df7a33e7f9075cf8e624bd35984c7262_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/buttontheme1_2e2fdd44136c734caea2fd47ebfd3209_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

b272e48a2f4a0163b3acba3b5db3324c07a4519197287dc63d70dd870a2a8119

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/buttontheme1_2e2fdd44136c734caea2fd47ebfd3209_.css
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8214
x-xss-protection: 1
last-modified: Tue, 01 Mar 2022 17:15:31 GMT
server: ZGS
nb-request-id: 2b3665d247f301b86bc93c3f84db41af
etag: "7d0cf6743b92dec00144647c374f0639"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ex1-d5938c6b20284142b2d8d2396890b463
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 04 Apr 2023 20:26:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: AULEV7OH7cv65E88DGRBY+840Pq9KLE59DZv1Uv2lGtePxSi8cSHNsVPiYJVgvWaoel4vwAWFVHNcAeVmLsOzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 8f2be8b7_wmsbridge.js Show response
js.zohocdn.com/ichat/js/ Frame 4A2C 14 KB
5 KB 217ms
216ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/8f2be8b7_wmsbridge.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/ichat/js/Mar_27_2023_3_wmsliteapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

e6f27b5f3217099b5583d5ba05d391a2d5497cf4366d32a3c75ece9ed77e9907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4300
x-xss-protection: 1
last-modified: Mon, 09 Jan 2023 07:27:42 GMT
server: ZGS
nb-request-id: d2752acb85ff6bef29f581e029d00545
etag: "76112ec07802bd8715090cd97f218383"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-d08d715a74b740d28c75472a31e085c4
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
325 B 372ms
131ms Ping
text/plain 34.195.214.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl468714yf3uz9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.214.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-214-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:26:56 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/ 3 KB
1 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1680640015956&cv=11&fst=1680640015956&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&userId=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3Dpageview&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

264a208fef69b609960f6bf116927b39bbe50914e30e36d95506fb4cf55a96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK firstVisit
io.v2.customerlabs.co/cl/ 0
325 B 415ms
170ms Ping
text/plain 34.195.214.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl/firstVisit
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl468714yf3uz9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.214.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-214-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:26:56 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 200
OK cl
io.v2.customerlabs.co/ 0
325 B 375ms
131ms Ping
text/plain 34.195.214.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://io.v2.customerlabs.co/cl
Requested by: Host: cdn.js.customerlabs.co
URL: https://cdn.js.customerlabs.co/cl468714yf3uz9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.214.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-214-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:26:56 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Accept, Content-Type, Max-Age, X-CL-APP-ID, X-Content-Type-Options
Content-Length: 0
Access-Control-Allow-Methods: POST, OPTIONS

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/ 3 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1680640015977&cv=11&fst=1680640015977&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&userId=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3Dwebsite_session_start&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a011038a76be7a9d77742542f06fd2fd162bd52ae3717af373b3147bd7476c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 90ms
29ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=874753729204982&ev=PageView&dl=https%3A%2F%2Frecover.novodetox.com%2F&rl=&if=false&ts=1680640015952&sw=1600&sh=1200&ud[external_id]=b0a0fe6dd1205739ce47767029ab2d8b4b156bc49a4154862d83f643991ade47&v=2.9.100&r=canary&ec=0&o=28&ttf=3544.0999999046326&tts=2835.9000000953674&ttse=3447&cs_est=true&fbp=fb.1.1680640015951.2029084558&it=1680640015246&coo=false&eid=cl468714yf3uz9b9db456b-f0b6-45b4-b151-6301b77c4343&tm=1&rqm=GET

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Apr 2023 20:26:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 90ms
30ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=874753729204982&ev=website_session_start&dl=https%3A%2F%2Frecover.novodetox.com%2F&rl=&if=false&ts=1680640015975&cd[start_time]=2023-04-04T20%3A26%3A55.971Z&cd[customerlabs_user_id]=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&sw=1600&sh=1200&ud[external_id]=b0a0fe6dd1205739ce47767029ab2d8b4b156bc49a4154862d83f643991ade47&v=2.9.100&r=canary&ec=1&o=28&ttf=3570.0999999046326&tts=2835.9000000953674&ttse=3447&fbp=fb.1.1680640015951.2029084558&it=1680640015246&coo=false&eid=cl468714yf3uz93808952f-a99f-4f39-9523-8b8810e8ecb1&tm=2&rqm=GET

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Apr 2023 20:26:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 417740078
google.com/ccm/form-data/ 0
258 B 118ms
36ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/417740078?gtm=45be3430&hn=www.googleadservices.com&auid=1168834772.1680640014&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 417740078
google.com/ccm/form-data/ 0
45 B 156ms
74ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/417740078?gtm=45be3430&hn=www.googleadservices.com&auid=1168834772.1680640014&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/417740078/ 42 B
64 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/417740078/?random=1680640015977&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&userId=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&data=event%3Dwebsite_session_start&fmt=3&is_vtc=1&random=2309928222&rmt_tld=0&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/417740078/ 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/417740078/?random=1680640015977&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&userId=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&data=event%3Dwebsite_session_start&fmt=3&is_vtc=1&random=2309928222&rmt_tld=1&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/417740078/ 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/417740078/?random=1680640015956&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&userId=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&data=event%3Dpageview&fmt=3&is_vtc=1&random=398280836&rmt_tld=0&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/417740078/ 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/417740078/?random=1680640015956&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&userId=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&data=event%3Dpageview&fmt=3&is_vtc=1&random=398280836&rmt_tld=1&ipr=y

Requested by

Host: recover.novodetox.com
URL: https://recover.novodetox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK externalIds
io.v2.customerlabs.co/ 0
0 211ms
211ms Image
application/json 34.195.214.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.v2.customerlabs.co/externalIds?customerlabs_user_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&id=cl468714yf3uz9&uid=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648&t=0&sc=1600%20x%201200
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.214.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-214-14.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 online-chat_156f4465f7031faa672da42fb9596199_.svg
css.zohocdn.com/salesiq/images/cw/ Frame 4A2C 6 KB
3 KB 35ms
34ms Image
image/svg+xml 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://css.zohocdn.com/salesiq/images/cw/online-chat_156f4465f7031faa672da42fb9596199_.svg

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

44e7a36a86e2c491c9b71c30da56e9d6483b62ed0a95e77055e8f8b6e90b662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2156
x-xss-protection: 1
last-modified: Wed, 03 Jun 2020 01:43:16 GMT
server: ZGS
nb-request-id: e362b0a788c7381ab4bdd24bf54e0a98
etag: "ee2de94d5f69ac6e059112c523a74c8f"
vary: Accept-Encoding
content-language: en-US
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, must-revalidate, proxy-revalidate
z-origin-id: ex1-5f619fbe6af5df20cf411fe7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 security-html-sanitizer.min.js Show response
js.zohocdn.com/zohosecurity/v5_0/js/ Frame 4A2C 27 KB
11 KB 36ms
36ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/zohosecurity/v5_0/js/security-html-sanitizer.min.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_cc19413febfa1386f1ca65949cfc9e99_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10688
x-xss-protection: 1
last-modified: Thu, 26 Aug 2021 06:14:01 GMT
server: ZGS
nb-request-id: 3ba7faecc8cee6d6750bbcb7e9c3d803
etag: "16e09f706d00343e3265b1dd7a230dd5"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-d7a5d4df378d4cf59ed984a8421c900c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 security-url-validator.min.js Show response
js.zohocdn.com/zohosecurity/v5_0/js/ Frame 4A2C 5 KB
3 KB 37ms
37ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/zohosecurity/v5_0/js/security-url-validator.min.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_cc19413febfa1386f1ca65949cfc9e99_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

00c9b79025fc8e5f70090b7e6fb91bf1d468e9daaffb1c5700105e37b572f685

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2641
x-xss-protection: 1
last-modified: Thu, 26 Aug 2021 06:14:01 GMT
server: ZGS
nb-request-id: 36ba05018688453615daebd37886a553
etag: "3904d1666958afd66ede81e6a18aba4b"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-8d48ce9873d140158523558a76a59807
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 69C6 1 KB
989 B 133ms
133ms Document
text/html 2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=24bee1aa8b49a9f&seg=home&partner_id=cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae689ef158531358d6b100ebb4cca30218905c2cf57e554b7d705cc27bf49a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b2c4a086ade91cf-FRA
content-encoding: br
content-type: text/html
date: Tue, 04 Apr 2023 20:26:56 GMT
etag: W/"Njc3ZjYwZjhnZWFmNmc0NTVjZ2JkMzZnYmYyNzA2YTM4ODk3LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvKxORCjqvtZkuNtw21bkB2y0vRjk2BS9fh4nsWsc5bW6uociSVffHyDVVP%2BSlxvJvOchVr5RwQvHFb7wRQ7EluVDRzrDxWOIJE17%2Fm345IL8jcMlzrM2DLkx0JaVHt657nijUfryfZ0j668ScIpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-64757f797b-dm4kc:cc-nginx-64757f797b-dm4kc
x-requestid: 2986f454-c9c0-4d33-9256-12325818b28b

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 69C6
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=677f60f8-eaf6-455c-bd36-bf2706a38897&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1

0
417 B

148ms
147ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:57 GMT
x-frontend: cc-nginx-64757f797b-dm4kc:cc-nginx-64757f797b-dm4kc
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: c9e3f93a-8618-4b0d-97cc-d2cbe84636ea
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4sF6HB%2FzXrFaeBp2Fh6FPP2ZWpUK02HuIXm0KT0dGXhb6qwVS817hxqybJtKk6AWze6hNUX1jl4I7a%2BzGKyYwz6zNcR5uZ1X0%2FFt8J%2B7BwFT%2FJjLds628hIrz6mWh9Li3468ibOahqCIywiKws8UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b2c4a0a8d0491cf-FRA

Redirect headers

date: Tue, 04 Apr 2023 20:26:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=cf92526c-5afa-4cdf-8fb2-7a75ab9926d1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 69C6
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=c96d2ead-fc1c-5978-a703-af35ae661ff4&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256...
https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=

0
290 B

276ms
276ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:57 GMT
x-frontend: cc-nginx-64757f797b-vcjpd:cc-nginx-64757f797b-vcjpd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: ac505264-687c-4625-9ccc-f9dd9ad07898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V41PMg9e8P1xcoUK0o9xAp9gbTiz%2BFS4a667O5mAVtQ8BhPI6DL9dBqRBJFn5eLs4PuXvrrKpOZJ8byfT6uXq1VEx9VqlRsJrbstFzM7p7lpjYnyo5%2FxcMWDr0M39bY2t94Bluaw86WL%2BHHB08YQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b2c4a0acd3091cf-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&uid=0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883&hem=
date: Tue, 04 Apr 2023 20:26:56 GMT
server: awselb/2.0
content-length: 119
content-type: text/html; charset=utf-8

GET
H/1.1 400
Bad Request fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 69C6 27 B
27 B 59ms
59ms Image
text/plain 52.214.236.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.236.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-236-0.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:26:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

GET
H2

200

sync
x.bidswitch.net/ Frame 69C6
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=677f60f8-eaf6-455c-bd36-bf2706a38897&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D677f60f8%2Deaf6%2D455...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=$UID
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&anx_uId=522215943908136076
https://x.bidswitch.net/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0

43 B
145 B

29ms
29ms

Image
image/gif

3.120.68.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Server: 3.120.68.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-68-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 04 Apr 2023 20:26:58 GMT
x-frontend: cc-nginx-64757f797b-vcjpd:cc-nginx-64757f797b-vcjpd
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: b276d86b-d43f-43c4-825f-83516c6ec41f
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0hRLaqugKxB58qL2fxo5adVdNDxGX%2Bue941l9Y%2FJkyWrFTF%2F8HLxto82rYAFIfouRiU2UQYhCv8LG%2FLdC8fQPl8O0FwKbnAqNx%2BbK57k%2BtXozX0fZvnmCnX2gKVEJ%2B0RsAFpMMxM6XGTiqwiX6JMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://x.bidswitch.net/sync?dsp_id=179&user_id=677f60f8-eaf6-455c-bd36-bf2706a38897&expires=5&user_group=0
cf-ray: 7b2c4a0fba3891cf-FRA

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 05C7 490 B
759 B 47ms
47ms Document
text/html 18.66.122.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=24bee1aa8b49a9f&ccid=677f60f8-eaf6-455c-bd36-bf2706a38897&cn=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-56.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: ed69d753d61705a0b77f38322b20b4a161a7e5cdab4c063ef87dffd1fc663da7

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 490
content-type: text/html
date: Tue, 04 Apr 2023 20:26:56 GMT
server: CloudFront
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id: 3ONGMohCCTy8aoBbpRnJO7Sw8zb0LWaryD_jHl_JeGLojBd1YkN8Zw==
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2

204

/
a.clickcertain.com/px/img/g/ Frame 05C7
Redirect Chain

https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=0b82b59f-d327-11ed-888c-5d8605ad40a4
https://a.clickcertain.com/px/smart/a/?partner_id=193f0456&type=img&c=24d1add2443e239&partner_rid=0b82b59f-d327-11ed-888c-5d8605ad40a4
https://a.clickcertain.com/px/img/?c=24d1add2443e239
https://a.clickcertain.com/px/img/g/?start_cm=1
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1
https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1

0
451 B

171ms
170ms

Image
text/plain

2606:4700:20::ac43:4acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Server: 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:58 GMT
x-frontend: cc-nginx-64757f797b-l2957:cc-nginx-64757f797b-l2957
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 8c5951c4-0923-4d20-b054-7807baa75e1b
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8smLcfGf7Rk1Rc39VUWXYdr5vrg4DP05SKAitfd9fng5bLTx2QOCVeceuqk7eSTlMF%2BgY%2BGacxE5P2ebRCpMAQnCkd4hBODlOq97tI9D7cHZ8XEoACybBKuEp65dCe1VqkUwEopt63Pz7crDKc8Glw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7b2c4a0ffa7a91cf-FRA

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.clickcertain.com/px/img/g/?google_gid=CAESEOXrFft1CB7I5leipPWKAuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 05C7 0
147 B 235ms
234ms Image
text/plain 52.10.142.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?pid=193f0456&rurl=https%3A//a.clickcertain.com/
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.142.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-142-145.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:57 GMT
server: awselb/2.0

GET
H/1.1 400
Bad Request fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 05C7 27 B
27 B 52ms
52ms Image
text/plain 52.214.236.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.236.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-236-0.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:26:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
301 B 145ms
145ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c-sc/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:26:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=18F509EB53554CBF8AE6D95CA35D4F68&RedC=c.clarity.ms&MXFR=03A8EB6FBCB161A21B82F986B8B16F66
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=18F509EB53554CBF8AE6D95CA35D4F68&MUID=185BA27A3B1B664C192AB0933A1B674A

42 B
442 B

52ms
51ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=18F509EB53554CBF8AE6D95CA35D4F68&MUID=185BA27A3B1B664C192AB0933A1B674A
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:57 GMT
last-modified: Thu, 16 Mar 2023 17:16:22 GMT
server: Microsoft-IIS/10.0
etag: "c4b6d572b58d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:26:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8920F43A308A459DA034F389CCD6771C Ref B: FRAEDGE1917 Ref C: 2023-04-04T20:26:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=18F509EB53554CBF8AE6D95CA35D4F68&MUID=185BA27A3B1B664C192AB0933A1B674A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 logo.png
novohelp.wpengine.com/wp-content/uploads/2021/12/ 11 KB
11 KB 132ms
132ms Image
image/png 34.75.26.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novohelp.wpengine.com/wp-content/uploads/2021/12/logo.png
Requested by: Host: recover.novodetox.com
URL: https://recover.novodetox.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.75.26.110 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.26.75.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2b3dcb4506c542e65e8eb4838fdcfffd4746876004915dca7ab9360c1605752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:26:58 GMT
last-modified: Thu, 09 Dec 2021 14:29:20 GMT
server: nginx
etag: "61b212c0-2d1a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11546

OPTIONS
H/1.1 200 conversations
salesiq.zohopublic.com/visitor/v2/trupathrecovery/ Frame 0
0 750ms
192ms Preflight 136.143.190.97

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/visitor/v2/trupathrecovery/conversations?avuid=094ca44e-ef00-4355-88d4-e0cb80c3d263&app_id=51d6649d2116842ff4ee78376e34ddfc3f7a511f2c1c5df3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 -, , ASN (),

Reverse DNS

Software

ZGS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: x-siq-channel
Access-Control-Request-Method: GET
Origin: https://recover.novodetox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,X-SIQ-Channel,X-SIQ-ACCESSTOKEN,X-SIQ-APPID
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://recover.novodetox.com
Connection: keep-alive
Content-Length: 0
Date: Tue, 04 Apr 2023 20:27:01 GMT
Encoding: UTF-8
Server: ZGS
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1

GET
H2 200 siq_126d03bdd2b5b096575c5888e0c456c2_.ttf
css.zohocdn.com/salesiq/styles/fonts/cw/ Frame 4A2C 34 KB
21 KB 37ms
36ms Font
font/ttf 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/cw/siq_126d03bdd2b5b096575c5888e0c456c2_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

2f91199e5e8c4600f10c540b7d9db7552abbca403ac6b8c16a5760e3f4fb6463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 20853
x-xss-protection: 1
last-modified: Fri, 30 Dec 2022 16:04:50 GMT
server: ZGS
nb-request-id: 4a9e5b8717e742fab89070ef9c77f829
etag: "3ccbb36bf5fe6c13d2d835413a0247fd"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
content-language: en-US
z-origin-id: ex1-aaabc5661a474c6187a363cd49acdea4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 header_pattern_08e3ad24bb4d5ca2c7d6121bfcdb608d_.svg
css.zohocdn.com/salesiq/images/cw/ Frame 4A2C 30 KB
7 KB 35ms
34ms Image
image/svg+xml 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://css.zohocdn.com/salesiq/images/cw/header_pattern_08e3ad24bb4d5ca2c7d6121bfcdb608d_.svg

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

ba55302b8bf416d8888b3b2444862ce149189857163763e85fc832307a1aabf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6367
x-xss-protection: 1
last-modified: Fri, 02 Jul 2021 08:06:14 GMT
server: ZGS
nb-request-id: 18f712b20685ef4cca25e3506c604490
etag: "f8981f78768faa45dbec1080709344f4"
vary: Accept-Encoding
content-type: image/svg+xml
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-787b52e4271b452d92ff971ff76498ee
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font.woff
css.zohocdn.com/webfonts/latoregular/ Frame 4A2C 37 KB
37 KB 72ms
71ms Font
font/woff 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/webfonts/latoregular/font.woff

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

251d58cc997156886bac2cefc52d1330129544d5f1d6c2a4722242fe3eaa7e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/newembedtheme_07bc3549ee9f632fb2a136a4f93fd0a8_.css
Origin: https://recover.novodetox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000, max-age=63072000
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 37612
x-xss-protection: 1
last-modified: Wed, 28 Jul 2021 14:29:16 GMT
server: ZGS
nb-request-id: 5703aec6c1df0e11876145f091753215
etag: "f73a195cf160c3c1c1eaf8fcf8eabc04"
vary: Accept-Encoding
content-type: font/woff
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
z-origin-id: ex1-31fa494a4f66485d9d451c88fca1ee80
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 conversations Show response
salesiq.zohopublic.com/visitor/v2/trupathrecovery/ Frame 4A2C 105 B
975 B 562ms
197ms XHR
application/json 136.143.190.97

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/visitor/v2/trupathrecovery/conversations?avuid=094ca44e-ef00-4355-88d4-e0cb80c3d263&app_id=51d6649d2116842ff4ee78376e34ddfc3f7a511f2c1c5df3

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_cc19413febfa1386f1ca65949cfc9e99_.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.190.97 -, , ASN (),

Reverse DNS

Software

ZGS /

Resource Hash

0405f6fbf9d52a1c8305385e595fba1e91f4c4c7ecb916f5b1a08a10a3df5b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

X-SIQ-Channel: website
Accept: */*
Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 04 Apr 2023 20:27:01 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 105
X-XSS-Protection: 1
Server: ZGS
ETag: -1069285385
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://recover.novodetox.com
Content-Language: de-DE
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Encoding: UTF-8
Access-Control-Allow-Headers: Content-Type,X-SIQ-Channel,X-SIQ-ACCESSTOKEN,X-SIQ-APPID

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/417659142/ 3 KB
2 KB 40ms
39ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/417659142/?random=1680640020678&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&label=1BV9CKuVp5wDEIbyk8cB&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&gtm_ee=1&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417659142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8988fd956973195cb5f1e32061d7d3ebb53e31ef73c4a294638ea4606cf6f99f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/ 3 KB
1 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417740078/?random=1680640020682&cv=11&fst=1680640020682&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1f83f449ce24fc7b30ed087c0810ff18065fdc9e451362eda82cd3c3bb916e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
29ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=982654801&t=event&_s=2&dl=https%3A%2F%2Frecover.novodetox.com%2F&ul=en-us&de=UTF-8&dt=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SalesIQ&ea=Chat%20Triggerred&el=Auto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&_u=aHBAAUABAAAAACAAI~&jid=&gjid=&cid=41120696.1680640014&tid=UA-193464030-1&_gid=271526015.1680640014&gtm=457e3430&jsscut=1&z=1003281635

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8508
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 417740078
google.com/ccm/form-data/ 0
54 B 37ms
36ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/417740078?gtm=45be3430&hn=www.googleadservices.com&auid=1168834772.1680640014&uamb=0&uaw=0&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-417740078&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 ping_e69e7799466b7f62fc1640e8028f922d_.mp3
static.zohocdn.com/salesiq/MEDIA_14/sound/ Frame 4A2C 31 KB
32 KB 48ms
36ms Media
audio/mpeg 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zohocdn.com/salesiq/MEDIA_14/sound/ping_e69e7799466b7f62fc1640e8028f922d_.mp3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

c5de65925f229d445ed1e05cb7cdb239d12678e79a7196cc3411894c24fe0b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://recover.novodetox.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 04 Apr 2023 20:27:00 GMT
strict-transport-security: max-age=15768000, max-age=63072000
x-content-type-options: nosniff
x-cache: HIT
Content-Range: bytes 0-31968/31969
cross-origin-resource-policy: cross-origin
Content-Length: 31969
x-xss-protection: 1
last-modified: Fri, 02 Jul 2021 08:02:41 GMT
server: ZGS
nb-request-id: 5b7fdb952a8a1a035f5b41c666de35b1
etag: "a241a34a25cb89437bd243000a91704c"
vary: Accept-Encoding
content-language: en-US
content-type: audio/mpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-35cf82b9dc3a45f0a69878b5cb8a05b3
timing-allow-origin: *

GET
H3

200

/
www.google.de/pagead/1p-conversion/417659142/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Freco...
https://www.google.com/pagead/1p-conversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&...
https://www.google.de/pagead/1p-conversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&l...

42 B
64 B

45ms
45ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&label=1BV9CKuVp5wDEIbyk8cB&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&gtm_ee=1&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiT25Jem15OFNIakNnLUlRak95Y2dXNXpxa19tdzZ2LWRzcENMUXo4ZW1MOXI0GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NnTzNNUkxjWF9aSmZPR3FnTk54bm13Z3NtaWZBSGNkTnZ6aWZNUVZKd3ZXdmVBZnliT09pQ2Z0&is_vtc=1&ocp_id=FIgsZLuCK4m_9u8Plc6U8Ao&cid=CAQSKQDUE5ymgReQQRF2MCp9QqRHKJz0LvUkvfnn-umgibmxSWVv8RLIyJhi&random=243603657&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/417659142/?random=1325317471&cv=11&fst=1680640020678&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&label=1BV9CKuVp5wDEIbyk8cB&hn=www.googleadservices.com&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&gtm_ee=1&auid=1168834772.1680640014&uamb=0&uaw=0&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEpXdm9RWVFpX3kzMXN6MXBJaVdBUkltQUcwa3hiT25Jem15OFNIakNnLUlRak95Y2dXNXpxa19tdzZ2LWRzcENMUXo4ZW1MOXI0GlhDaEFJOEpXdm9RWVE3ZmpFanVXUGpkUUhFaTRBX0U4d3NnTzNNUkxjWF9aSmZPR3FnTk54bm13Z3NtaWZBSGNkTnZ6aWZNUVZKd3ZXdmVBZnliT09pQ2Z0&is_vtc=1&ocp_id=FIgsZLuCK4m_9u8Plc6U8Ao&cid=CAQSKQDUE5ymgReQQRF2MCp9QqRHKJz0LvUkvfnn-umgibmxSWVv8RLIyJhi&random=243603657&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/417740078/ 42 B
64 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/417740078/?random=1680640020682&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&is_vtc=1&random=448053806&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/417740078/ 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/417740078/?random=1680640020682&cv=11&fst=1680638400000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Frecover.novodetox.com%2F&frm=0&tiba=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&data=event%3DChat%20Triggerred%3Bevent_category%3DSalesIQ%3Bevent_label%3DAuto%20and%20proactive%20chat%20initiated%20to%20the%20visitors.&fmt=3&is_vtc=1&random=448053806&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recover.novodetox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M0QXYDY3BP&gtm=45je3430&_p=982654801&cid=41120696.1680640014&ul=en-us&_geo=1&_rdi=1&dl=https%3A%2F%2Frecover.novodetox.com%2F&sid=1680640013&sct=1&seg=1&dt=NOVO%20Detox%20%7C%20Medical%20Detox%20%26%20Treatment%20Center&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0QXYDY3BP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 20:27:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recover.novodetox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
301 B 122ms
121ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c-sc/s/0.7.6/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://recover.novodetox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://recover.novodetox.com
Date: Tue, 04 Apr 2023 20:27:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

249 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 11:33:52	Name: _li_ss Value: CgA
.recover.novodetox.com/	1969-12-31 23:59:59	Name: _cfuvid Value: m6S_cbLrsEWxhMdrylrmejulKNDxoMVBqtsFxeiEbh0-1680640012732-0-604800000
159642.tctm.co/	1969-12-31 23:59:59	Name: ct159642 Value: 642c880d00026f9a15adae08
.novodetox.com/	1970-01-20 11:33:52	Name: __ctmid Value: 642c880d00026f9a15adae08
recover.novodetox.com/	1970-01-20 11:33:52	Name: __ctmid Value: 642c880d00026f9a15adae08
.novodetox.com/	1970-01-20 13:00:16	Name: _gcl_au Value: 1.1.1168834772.1680640014
.novodetox.com/	1970-01-20 10:52:06	Name: _gid Value: GA1.2.271526015.1680640014
.novodetox.com/	1970-01-20 10:50:40	Name: _gat_gtag_UA_193464030_1 Value: 1
.novodetox.com/	1970-01-20 20:26:40	Name: _ga Value: GA1.1.41120696.1680640014
.novodetox.com/	1970-01-20 20:26:40	Name: _ga_4WFJKEWSD2 Value: GS1.1.1680640013.1.0.1680640013.0.0.0
.novodetox.com/	1970-01-20 10:52:06	Name: _uetsid Value: 09d8fc80d32711edbd4f6f5f37f06912
.novodetox.com/	1970-01-20 20:12:16	Name: _uetvid Value: 09d92140d32711ed955e758030f7f6dc
.bing.com/	1970-01-20 20:12:16	Name: MUID Value: 185BA27A3B1B664C192AB0933A1B674A
www.clarity.ms/	1970-01-20 19:36:16	Name: CLID Value: 2a6f20e1938c46e7a5b32f0b0f7e6714.20230404.20240403
a.clickcertain.com/	1970-01-20 19:36:16	Name: _ccpx_u Value: 677f60f8%2deaf6%2d455c%2dbd36%2dbf2706a38897
.novodetox.com/	1970-01-20 19:36:16	Name: _clck Value: 1q33lhd\|1\|fah\|0
salesiq.zoho.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: 9468dfbe-d670-4ef8-87b2-970ae7caf904
salesiq.zoho.com/	1970-01-20 11:33:52	Name: uesign Value: 930d418856869a0398712b2f209f918f23310232eb0a82ae664457c6f3a154fd8e9a35d8da0e3f5e1d65d49abc58510f
.novodetox.com/	1969-12-31 23:59:59	Name: cl468714yf3uz9_source Value: Direct
.novodetox.com/	1969-12-31 23:59:59	Name: cl468714yf3uz9_session_starts Value: 1680640014921
.novodetox.com/	1969-12-31 23:59:59	Name: cl468714yf3uz9_utmParams Value: %7B%22utm_source%22%3A%22Direct%22%2C%22utm_medium%22%3A%22Direct%22%7D
.novodetox.com/	1970-01-20 19:36:16	Name: cl468714yf3uz9_uid Value: cl468714yf3uz9ae39104f-1464-490a-addc-83d2fb052648
.novodetox.com/	1970-01-20 19:36:16	Name: cl468714yf3uz9_sid Value: CL-108b2341-b541-48a7-ab3c
.novodetox.com/	1970-01-20 19:36:16	Name: cl468714yf3uz9_gid Value: cl468714yf3uz9abf5adb6-3545-4028-b249-a762b7b6e398
.tapad.com/	1970-01-20 12:17:04	Name: TapAd_TS Value: 1680640015102
.tapad.com/	1970-01-20 12:17:04	Name: TapAd_DID Value: cf92526c-5afa-4cdf-8fb2-7a75ab9926d1
.doubleclick.net/	1970-01-20 20:12:16	Name: IDE Value: AHWqTUkSuTYf9p2z-m-7SeWp4PFnYzldfCHLA-Pmw4iW_e0dJwAvTkfM942qT9n5
.novodetox.com/	1970-01-20 10:52:06	Name: _clsk Value: 1jr90ik\|1680640015145\|1\|1\|s.clarity.ms/collect
.tapad.com/	1970-01-20 12:17:04	Name: TapAd_3WAY_SYNCS Value:
.recover.novodetox.com/	1970-01-20 20:26:40	Name: trupathrecovery-_zldp Value: mmrPUsrSBg5Q0%2F%2FgyS1%2FkH1gyT8IOfmHaL71xdaFWjYeHqOZQfm2XqlNHv7W32ylmKwM1K1ctjo%3D
.recover.novodetox.com/	1970-01-20 10:52:06	Name: trupathrecovery-_zldt Value: 5d690ba5-7731-4e02-8c22-00dd3a394560-0
.bidr.io/	1970-01-20 20:19:13	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 20:19:13	Name: bito Value: AAEAdU7IWRAAACC2oQHYWg
.liadm.com/	1970-01-20 20:26:40	Name: lidid Value: bd731cf6-6463-4b00-bc01-520ed6626584
.a.usbrowserspeed.com/	1970-01-20 19:36:16	Name: tuid Value: 0bb6d8b8-3cf2-4a19-a207-2fe39d9b2883
.novodetox.com/	1970-01-20 13:00:16	Name: _fbp Value: fb.1.1680640015951.2029084558
.novodetox.com/	1969-12-31 23:59:59	Name: cl468714yf3uz9_session_ends Value: 1680641815973
.novodetox.com/	1970-01-20 20:26:40	Name: _ga_M0QXYDY3BP Value: GS1.1.1680640013.1.1.1680640015.0.0.0
.adnxs.com/	1970-01-20 13:00:16	Name: uuid2 Value: 522215943908136076
a.clickcertain.com/	1970-01-20 19:36:16	Name: _ccpx_24bee1aa8b49a9f Value: 2
.bidswitch.net/	1970-01-20 19:36:16	Name: tuuid Value: 1c0d0503-ca66-4bfd-a9e5-930e4858801b
.bidswitch.net/	1970-01-20 19:36:16	Name: c Value: 1680640016
.bidswitch.net/	1970-01-20 19:36:16	Name: tuuid_lu Value: 1680640016
a.clickcertain.com/	1970-01-20 19:36:16	Name: _ccpx Value: 24d1add2443e239
a.clickcertain.com/	1970-01-20 19:36:16	Name: _ccpx_24d1add2443e239 Value: 2
.c.bing.com/	1970-01-20 11:00:44	Name: MR Value: 0
.c.bing.com/	1970-01-20 20:12:16	Name: SRM_B Value: 185BA27A3B1B664C192AB0933A1B674A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 20:12:16	Name: MUID Value: 185BA27A3B1B664C192AB0933A1B674A
.c.clarity.ms/	1970-01-20 11:00:44	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 10:50:40	Name: ANONCHK Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript	warning	URL: https://recover.novodetox.com/ Message: The resource https://js.zohocdn.com/ichat/js/8f2be8b7_wmsbridge.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

159642.tctm.co
184079.t.hyros.com
a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.js.customerlabs.co
cm.g.doubleclick.net
connect.facebook.net
css.zohocdn.com
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
i.liadm.com
io.v2.customerlabs.co
js.zohocdn.com
lh3.googleusercontent.com
match.prod.bidr.io
novohelp.wpengine.com
pixel.tapad.com
recover.novodetox.com
region1.google-analytics.com
s.clarity.ms
salesiq.zoho.com
salesiq.zohopublic.com
secure.adnxs.com
static.zohocdn.com
tag.trovo-tag.com
tdcgethelp.wpengine.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
136.143.190.97
136.143.191.67
141.193.213.11
142.250.186.34
172.217.16.130
18.66.122.56
18.66.17.102
185.20.209.147
185.89.210.101
2001:4860:4802:34::36
23.96.124.68
2600:9000:223d:d600:12:de4a:40:93a1
2606:4700:20::681a:27a
2606:4700:20::ac43:4acf
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.68.67
34.111.113.62
34.195.214.14
34.199.5.193
34.75.26.110
52.10.142.145
52.214.236.0
54.158.150.69
68.219.88.97
00c9b79025fc8e5f70090b7e6fb91bf1d468e9daaffb1c5700105e37b572f685
025c8a6e4e16eeba89a12a9e84612e2d9ce4416552ce835e33854c2d46e2d982
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03fdba476bf32618c3a56462d7b8ace915deeb85a16bdc5f84a8abf97dc27ae8
0405f6fbf9d52a1c8305385e595fba1e91f4c4c7ecb916f5b1a08a10a3df5b2e
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
0bbfea67bf64ffbba2b799fb5c06d653450e649b9618812b1d0c6d3da222cc13
0c8aca07968fbdd4c7f43c787ed7af1ead2a3ddfd9ee8f037127fe1511b9ec2a
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
16de6b4fe0c75d453a8ebd7d04c8d04ef8f90a0a76a7a5754ec13c853bc043f9
1725aecf1e4b2ab0dd12adb76284a91b0131368f8051123640fd613625fbeb73
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e
19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf
1a29d402641f0f50873526ff6fc1d52c4123a52320a66ff82334c3eddd9dc9df
1acdd35bb2ff4cc62a46ac39032bfcc8415687f2e5baabb9616e3ede36a5871c
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1dbbc175957ed50646e25dd18ef2a0cf49f68a65e5b8945d7a3a4d7e0a0a1fcb
1ea1cd010c7f025b1718cff727c962f3875c3ab4d388646ee757488ed9a633b8
251d58cc997156886bac2cefc52d1330129544d5f1d6c2a4722242fe3eaa7e9d
264a208fef69b609960f6bf116927b39bbe50914e30e36d95506fb4cf55a96ee
26803161016c2536fefff5e66a962f3614a529d0097df52ef3e6f838e44d4130
2e1d0c48d0707545aa1bf9ed05a709962720e94a42a0870bf077325dc8124cb9
2f51b43c4f1892d2d8840a888490afb5b52802f4e35cb84bbe36a822b1bc0d23
2f91199e5e8c4600f10c540b7d9db7552abbca403ac6b8c16a5760e3f4fb6463
36ba4f81bcac8c8bc0844cea2c7afe83d1fc809eaa1f4c15650e376619c74eb0
376dc1078c199456079280d24578f1913c8b48cee1a5e724fbaa586a7ccee6e7
3bd59844217d9ec56dd0f7c71e692e6783bfa101dcd0fa52acd4fa210d919ad9
3e84881222bc85a742f8c37288d5edbc7deaf3b0ae535d4e9a65f12771bb32b6
44e7a36a86e2c491c9b71c30da56e9d6483b62ed0a95e77055e8f8b6e90b662f
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
471c57f9b959cc756df1904eaa3fd848910b6529fd689dfa9c1a8bd72f82568c
4a2c47424dede828650d40a794b65c14d2e9f7197c615fb6b5c8ca99a5710277
4adf902aa245a4754d36f472a57787a6b1a6e5c785cdbd62f0d4f80fab41b012
4b0b7df8b1d4cb7fab0f25fcacf4eedae0ff425694c1d1b4044eac670dc9a166
4cc4d4eb7108c9f6652c4e3c08cfb2838b33bb8e7c454368ee0b175363159064
5243fd876f8a46b67bd23964cd1b39ff8ba2eb614543726f9a876df8443e17ad
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550744165dad97d58141272b528c3cc03f8a2d50c1a95ddd29b921138705713d
56cff97e7fe5e25830efc4b449eb38041f85358c1f41368d1b47506a6865b815
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59feb71c70a87d3318521d850911665c138f4140555269b67693abde11bdf9e8
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a97624cffe3f1b21127be4b588587d68f520fbe80aae2bb3acbdde17c0ea141
5ae689ef158531358d6b100ebb4cca30218905c2cf57e554b7d705cc27bf49a9
5d91dcf9ebe9f4be36343e4eafbaeb5c8408027b8055ef997a13de9ae6b58b1d
60486d04562b6e67f0001cb496811c9d8072667b444ef9cac4b554b6c3aa3a41
631b17bac810e312d782e29862030cb220e1cf49f694ead531e110bad9788fd7
695e4af2e0c3efd05fd5148cd73ae97095837a57f1b9d289b2294b45af15879f
69ec8c65f4b4fc1ca9454dff01ff4732ec087197976550ed74565ac1ab9abfe7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d22ce626b935790cebb90d59fb7e0bfc67506beaa7ed93eb2250fd8003f2226
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
79a328429c2ed4f6e61dce36d8146719d2f24bc1d388cf41f63ac3ce2d850592
7a2680ef9a764485f4c4b0cf0e80c4ba1deb90ecd98b37300b9b77a4d0e18d6f
7c2c76d0202f566e30a9efb48493706b2e2aaafdccf4cf7ddca3e85d49c309cd
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fdd9779bc4e0722884e5ee2302cfd6ea8bd38da119aa3cb3069aef611ef87db
82b9589cd602101bcc95397d7b14745bf4e049ae89ea3b492efd482fa0c9f1aa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8544d575f0817b2e4735aa9b2bf9ea9ff781ebddae9bfbf4f3f129805253c2c9
85dc44d286ed0ef516a9beb2fe52ad3a281a5fce174725e1a9b72f1f5c60880f
8988fd956973195cb5f1e32061d7d3ebb53e31ef73c4a294638ea4606cf6f99f
8a43a17c8053b1540584bbedfe1e864cef3765e3e9fead491744751b77f75567
8a6665bce527dc384fc831ca1be508d08bcca13ce37eeb8942aa03c63e8844ac
92857c04210d76e4febf6a08cf182c5e9db652059579046159934f414d723266
95a29e7c662ae4e28e4064788ced1c863a480a2f26037f0f4e278397c0569b04
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a011038a76be7a9d77742542f06fd2fd162bd52ae3717af373b3147bd7476c9
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a06db01a3879f630d97601258aa64f9ed2f8cdeaddfa2a783edfee5203a69d09
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e
a41a9c2e97e7bb0bf924f5fb3f384dca28466f1cd99caacc30ce92b0b81562f7
a647847e4415a510c572ab3fdf8b43d2111026e7ff344d8bf98dab8a299e889e
a714d3e7cd0751a5f1428881d65043743826415dbdcf7b3f3bc3f938180f18da
a87793464db4c29591450d8c074fb7d230d6974f7517244815ccd1ea1ea5d44d
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b272e48a2f4a0163b3acba3b5db3324c07a4519197287dc63d70dd870a2a8119
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b6897a9f448d833f1f865eb8b33695180a1d1163b1ebae144a7103670575a90d
b9375e587b58b6374935074999e89e3f245ed0711b44846706300d4bfa47e985
b95d245dcb6b43ce640956e2941b0dd6028b64327041fe3794a83896a509350c
b9b885fad5de458413b37ebb091d4fdcdff50cf6ed0103e97a9c2f63f7ac9f9b
ba55302b8bf416d8888b3b2444862ce149189857163763e85fc832307a1aabf0
bd067b886f4a67dd25c08fe73777bce7f506beb4c09d17d9f036f8a90901efd2
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c5de65925f229d445ed1e05cb7cdb239d12678e79a7196cc3411894c24fe0b76
ca3de110b0002f544794449302d03cd69bfe59b69c44a7547e5cc9fea0dec875
cc0770f5a2d562ea5334bed0b1bc9b487903997c8087e9690c2ba132ff219987
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cef398a7d9da2dc08136d8e2ba42d0715cda8c40fdd64ed9a54b78620c15a948
cf3877ae383aa387a9c9a57639fd70e390e86d45c88d81968d5266e7b545cb64
d1f83f449ce24fc7b30ed087c0810ff18065fdc9e451362eda82cd3c3bb916e4
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2b3dcb4506c542e65e8eb4838fdcfffd4746876004915dca7ab9360c1605752
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
daddf779c6fe0b4f382987824df0b15db65cf281f717037477a833e3b1dfd00a
dbce3d1d856be0de5bdd7788ca52dbdad4834f06d26977ce2853e0502be38619
dc228e912765cf8289347e62db1643b7efd84f84483d4e550ae97649f882dc0d
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dfaf0c0f869d41930f5578c11dbc75bdf3cb5a8a3948936309a1654000de9c3b
e083376479196a2dfe8a8875704d4ee1a268afa29ef1f0ac5c86a881df5cc02b
e08fdb6c24f7e58f9fe8f7d00741f84fd05bf8fa49bb0e26c64ae54fa0e8df81
e2a46dd077f95c893ab73345547a2981f543ba44ae9f7eeb8e46d7a15cd2424b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5770f310b74c597638b0bce2befc0edea22454df2aaaad3b2c8f8231bff375c
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e6f27b5f3217099b5583d5ba05d391a2d5497cf4366d32a3c75ece9ed77e9907
e9efbdb8744598d9c718568a6b594ffb62ebe6f4023de616ef4d12ff05cb433e
ea760008cc69c29a8cb1ce39496e0c699dd0f8a4f02726ab555b3b0f9def28b3
ec47851c7f2b4e94b9d180e7d5562c12c73bcbdb29d2b3d04b9d692cc3c16220
ed3cfa7b4e54f817705b41842e5852870bf7496e039e2f851dcdaa35dc2011f6
ed69d753d61705a0b77f38322b20b4a161a7e5cdab4c063ef87dffd1fc663da7
ee901a5f44fcc6ea6ab97fb2751ce51af915d16dd99995a29a5905d2ce4b0831
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bdaf99aa3dd57a0ae937d03cc1e9097231716d15a5e1cfdfed3f8f524ec784
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f4249296e7e8e35f7b9238c9db332e11c8b6d8b230e4fe36e5ba3362ec799c0d
f7d5bd330d61ba3ab07dbe79409262057b6be7c8cd5855777a218cb773cd5a72
fb89c81abb4f5f5d0756db47466a865c49935156d16fb2187652860f3b85de37
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

recover.novodetox.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

171 Requests

91 %HTTPS

47 %IPv6

29 Domains

40 Subdomains

32 IPs

4 Countries

3006 kBTransfer

7273 kBSize

51 Cookies

5 Outgoing links

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

recover.novodetox.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

91 %
HTTPS

47 %
IPv6

29
Domains

40
Subdomains

32
IPs

4
Countries

3006 kB
Transfer

7273 kB
Size

51
Cookies

171 HTTP transactions
1 data transactions