offers.amrelieve.com Open in urlscan Pro
52.212.43.230 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-altern...
Submission: On June 13 via manual (June 13th 2022, 9:10:15 pm UTC) from US — Scanned from DE

Summary HTTP 170 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 46 domains to perform 170 HTTP transactions. The main IP is 52.212.43.230, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is offers.amrelieve.com. The Cisco Umbrella rank of the primary domain is 502136.
TLS certificate: Issued by R3 on March 30th 2022. Valid for: 3 months.

This is the only time offers.amrelieve.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.212.43.230 52.212.43.230	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:224... 2600:9000:224a:b200:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	141.94.130.128 141.94.130.128	16276 (OVH) (OVH)
1	99.86.1.196 99.86.1.196	16509 (AMAZON-02) (AMAZON-02)
1	34.107.199.247 34.107.199.247	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.179.162 142.250.179.162	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	157.245.25.14 157.245.25.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.102.29.173 104.102.29.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
3	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2600:9000:215... 2600:9000:2156:2000:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:80c::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	34.117.177.207 34.117.177.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.209.107.65 52.209.107.65	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.122 23.35.236.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:4000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.195.70.80 18.195.70.80	16509 (AMAZON-02) (AMAZON-02)
1	52.215.125.248 52.215.125.248	16509 (AMAZON-02) (AMAZON-02)
1	104.90.161.232 104.90.161.232	16625 (AKAMAI-AS) (AKAMAI-AS)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1	52.58.122.252 52.58.122.252	16509 (AMAZON-02) (AMAZON-02)
1 2	99.81.70.153 99.81.70.153	16509 (AMAZON-02) (AMAZON-02)
2 2	34.202.254.59 34.202.254.59	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:2c20:3113:5c28:1366	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.141.125 18.235.141.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4200:5e70:34f8:9284:341c	14618 (AMAZON-AES) (AMAZON-AES)
1 1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	52.29.77.213 52.29.77.213	16509 (AMAZON-02) (AMAZON-02)
170	59

1 52.212.43.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-43-230.eu-west-1.compute.amazonaws.com

offers.amrelieve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:224a:b200:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.130.128 (France)

ASN16276 (OVH, FR)
PTR: ns31442138.ip-141-94-130.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-196.fra6.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.247 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 247.199.107.34.bc.googleusercontent.com

www.wdf8bk3trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s41-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 157.245.25.14 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.173 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-173.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

link.kneerelieve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

gs-cdn.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2000:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.177.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.177.117.34.bc.googleusercontent.com

jfapiprod.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.107.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-122.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.38 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.70.80 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-70-80.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.125.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.161.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-161-232.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.122.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-122-252.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.70.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-70-153.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.254.59 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-254-59.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:2c20:3113:5c28:1366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.141.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-141-125.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:5e70:34f8:9284:341c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.77.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-77-213.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	gstatic.com fonts.gstatic.com	746 KB
27	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 13301 assets.website-files.com — Cisco Umbrella Rank: 12261	5 MB
13	optimonk.com front.optimonk.com — Cisco Umbrella Rank: 21584 gs-cdn.optimonk.com — Cisco Umbrella Rank: 26293 jfapiprod.optimonk.com — Cisco Umbrella Rank: 24045	144 KB
10	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4287 gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 2914 sslwidget.criteo.com — Cisco Umbrella Rank: 1589 widget.us.criteo.com — Cisco Umbrella Rank: 16956 dis.criteo.com — Cisco Umbrella Rank: 717	20 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 399 ib.adnxs.com — Cisco Umbrella Rank: 231	7 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 48 stats.g.doubleclick.net — Cisco Umbrella Rank: 104 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	6 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 974 trc.taboola.com — Cisco Umbrella Rank: 654 sync-t1.taboola.com — Cisco Umbrella Rank: 1209 trc-events.taboola.com — Cisco Umbrella Rank: 1595	19 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 744 ads.yahoo.com — Cisco Umbrella Rank: 1078 ups.analytics.yahoo.com — Cisco Umbrella Rank: 290	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5859	827 B
4	google.com www.google.com — Cisco Umbrella Rank: 4	827 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	564 B
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1975 tr.outbrain.com — Cisco Umbrella Rank: 1811 sync.outbrain.com — Cisco Umbrella Rank: 730	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47 region1.google-analytics.com — Cisco Umbrella Rank: 35463	21 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 557 i6.liadm.com — Cisco Umbrella Rank: 1535	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 341	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	194 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 651 cdn.stickyadstv.com — Cisco Umbrella Rank: 2421	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 642	852 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 286	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1518	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 317	140 B
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18836	6 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 368	7 KB
2	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 5888 trends.revcontent.com — Cisco Umbrella Rank: 2049	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	154 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 294 fonts.googleapis.com — Cisco Umbrella Rank: 55	10 KB
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1355	40 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2374	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1287	427 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 600	261 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1690	172 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 736	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 519	783 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 387	140 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 607	585 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 321	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1480	424 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2346	232 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 613	14 KB
1	kneerelieve.com link.kneerelieve.com — Cisco Umbrella Rank: 289608
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 127	15 KB
1	wdf8bk3trk.com www.wdf8bk3trk.com — Cisco Umbrella Rank: 680353	18 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19523	13 MB
1	amrelieve.com offers.amrelieve.com — Cisco Umbrella Rank: 502136	13 KB
170	46

	Domain	Requested by
46	fonts.gstatic.com	fonts.googleapis.com
26	assets-global.website-files.com	offers.amrelieve.com assets-global.website-files.com
7	front.optimonk.com	offers.amrelieve.com front.optimonk.com
5	gs-cdn.optimonk.com	front.optimonk.com gs-cdn.optimonk.com
4	secure.adnxs.com	3 redirects
4	www.google.de	offers.amrelieve.com
4	www.google.com	offers.amrelieve.com
4	www.facebook.com	offers.amrelieve.com
3	ib.adnxs.com	3 redirects
3	dis.criteo.com
3	gum.criteo.com	2 redirects static.criteo.net
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com offers.amrelieve.com
3	connect.facebook.net	offers.amrelieve.com connect.facebook.net
2	trc-events.taboola.com	cdn.taboola.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	idsync.rlcdn.com
2	sp.analytics.yahoo.com	offers.amrelieve.com
2	tr.outbrain.com	amplify.outbrain.com offers.amrelieve.com
2	a.mgid.com	offers.amrelieve.com
2	s.yimg.com	offers.amrelieve.com s.yimg.com
2	www.googletagmanager.com	offers.amrelieve.com www.googletagmanager.com
1	exchange.mediavine.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ups.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	offers.amrelieve.com
1	jfapiprod.optimonk.com	gs-cdn.optimonk.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.criteo.net	dynamic.criteo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	assets.website-files.com	assets-global.website-files.com
1	trc.taboola.com	cdn.taboola.com
1	link.kneerelieve.com	offers.amrelieve.com
1	amplify.outbrain.com	offers.amrelieve.com
1	assets.revcontent.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	www.wdf8bk3trk.com	offers.amrelieve.com
1	d3e54v103j8qbb.cloudfront.net	offers.amrelieve.com
1	i.postimg.cc	offers.amrelieve.com
1	ajax.googleapis.com	offers.amrelieve.com
1	offers.amrelieve.com
170	69

This site contains links to these domains. Also see Links.

Domain
link.kneerelieve.com

Subject Issuer	Validity	Valid
offers.amrelieve.com R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
postimg.cc R3	`2022-06-12` - `2022-09-10`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
wdf8bk3trk.com Starfield Secure Certificate Authority - G2	`2022-02-16` - `2023-02-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2022-05-16` - `2023-06-17`	a year	crt.sh
assets.revcontent.com R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
link.kneerelieve.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
gs-cdn.optimonk.com R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
jfapiprod.optimonk.com GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Frame ID: 4148632D7D65D092F4FEB051F89E4880
Requests: 138 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=offers.amrelieve.com&origin=onetag
Frame ID: 0E03FB63F208B6620333E05188A62C03
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_gid=CAESENVHpbl6sXJwHeOUBIhDCVI&google_cver=1&google_ula=913071,0
Frame ID: 725F48543BEDA2A294C5B6709D33E692
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Is Knee Surgery The Only Choice For Seniors? Dr. Jeremy Campbell Shares An Breakthrough Alternative Thousands Of Seniors Swear By

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

170
Requests

93 %
HTTPS

33 %
IPv6

46
Domains

69
Subdomains

59
IPs

9
Countries

19073 kB
Transfer

22899 kB
Size

59
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://link.kneerelieve.com/click?undefined
Title: Get The Knee Pain Miracle You Have Been Praying ForClick here to find more...

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 134

https://gum.criteo.com/sid/json?origin=onetag&domain=amrelieve.com&sn=ChromeSyncframe&so=0&topUrl=offers.amrelieve.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cpxRNXxZYkdNdVIyZVJKblVZN1VSUFk5NFlUODNMQ2dFNlJlYmtsRlNtajVOTnBQNlFwdUdoLytGeks4VS84aVV3MU50VGlxL2lyZE9oOXk5Y1REWEQxOGNMRTdKMmpEc2hleEdoejVsMDNIWGs1MFBYMEYzdkVjNkhTWjFFYkNLTmsyR040RHZTMnRldmhOdVJyaW11Ty8vR2szY2kzQjZGYi9GOUlpZHZSWnFNSEZxTk9RQmRTbzNlZHlZY2NTOS9tSWpHM2hNa1NqWkh0MHdYK1dVc2Z1L2x3c0tjd29MdTJ6YzdOLzAwOE5DSnY4eHFRL3ZmVlZkMVhxbDREaVE1QmNmaXZvR21TL2hXZTJEUE14VmFhaUdydz09fA&cppv=2

Request Chain 136

https://sslwidget.criteo.com/event?a=76854&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3TkFrYUkwbVNhZSUyQkZhQlI2bnlJUlM0M1FDdFZhdjQ2VGg4Y0xYVHNEZktZNEtXcWJ2aURjR0Jxc0Z5NXJoWWRrd3NlNGg1Y3RzZ21OYW9acyUyRlVXWUlSVSUyRnM4JTJCYXp5b25nJTNEJTNE&tld=amrelieve.com&dy=1&fu=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&dtycbr=31493 HTTP 302
https://widget.us.criteo.com/event?a=76854&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3TkFrYUkwbVNhZSUyQkZhQlI2bnlJUlM0M1FDdFZhdjQ2VGg4Y0xYVHNEZktZNEtXcWJ2aURjR0Jxc0Z5NXJoWWRrd3NlNGg1Y3RzZ21OYW9acyUyRlVXWUlSVSUyRnM4JTJCYXp5b25nJTNEJTNE&tld=amrelieve.com&dy=1&fu=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&dtycbr=31493

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_cm&google_hm=ay1qaFptdW9HQ2JRM0ZicFJNa1JSekFTeUtMR2ctUXV1MG82eHBRQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_gid=CAESENVHpbl6sXJwHeOUBIhDCVI&google_cver=1&google_ula=913071,0

Request Chain 138

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=oBDoKTv59LpF5tClZk2ZPHQJxCGEZl1I

Request Chain 147

https://secure.adnxs.com/setuid?entity=52&code=k-ePfCw4GCbQ3FbpRMkRRzASyKLGjTAz2f4m0bxQ&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ePfCw4GCbQ3FbpRMkRRzASyKLGjTAz2f4m0bxQ%26seg%3D95287

Request Chain 148

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979

Request Chain 152

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw&C=1

Request Chain 154

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-eTQ6XIGCbQ3FbpRMkRRzASyKLGh0FKo-ikLkyg&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eTQ6XIGCbQ3FbpRMkRRzASyKLGh0FKo-ikLkyg&expires=30&user_group=5

Request Chain 160

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-b6xmh4GCbQ3FbpRMkRRzASyKLGhSWs0mcHfvNw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-b6xmh4GCbQ3FbpRMkRRzASyKLGhSWs0mcHfvNw

Request Chain 161

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g&_li_chk=true&previous_uuid=6ada922f93274c09acb27a6f37948551 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g

Request Chain 164

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-4vogXYGCbQ3FbpRMkRRzASyKLGhYFWsu4C5CSQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 167

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979

170 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp Show response
offers.amrelieve.com/adv/ 55 KB
13 KB 403ms
152ms Document
text/html 52.212.43.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.212.43.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-43-230.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 3523694353bc571190a91da3abd13775ac456abdafff8a68840b15c70f6902b1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2607
content-encoding: gzip
content-length: 13262
content-type: text/html
date: Mon, 13 Jun 2022 21:10:08 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-cluster-name: eu-west-1-prod-eks-15
x-lambda-id: d28c2f20-55f0-467e-91dc-76c2dcf355f3
x-served-by: cache-iad-kjyo7100163-IAD, cache-dub4339-DUB
x-timer: S1655154609.640721,VS0,VE89

GET
H2 200 uke-full-sales-cro.036af7a13.min.css
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/ 935 KB
124 KB 121ms
30ms Stylesheet
text/css 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cdc2c44bacb7ef4d8e6f362dae3b563eddeb1da196b483d614442e96defa8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: sesywYLMSY_mtrbHIJ5CTH7tyFSVPKTF
content-encoding: gzip
etag: "019f6898710fefd63ee086e2b089ba5f"
age: 61651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 126054
last-modified: Thu, 09 Jun 2022 17:38:13 GMT
server: AmazonS3
date: Mon, 13 Jun 2022 04:02:38 GMT
content-type: text/css
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: NQIQQeN68cqcwunD7lV_qAffGmhIfU3xbGioeWTfCxIerERpWV-LbQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 135ms
37ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 08:39:55 GMT

GET
H2 200 616d989463b4ee94d41f4c52_Layer%2031%20copy%401X.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 611 B
1 KB 27ms
25ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/616d989463b4ee94d41f4c52_Layer%2031%20copy%401X.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 036d6b7312ffa118cce54209404528f82b5fd767aaef520d1d1d0378a7350c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 Jan 2022 09:14:13 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Mon, 18 Oct 2021 15:53:58 GMT
server: AmazonS3
age: 13175757
etag: "8a0db196c8969c2e47441838128bf1c0"
x-cache: Hit from cloudfront
x-amz-version-id: 6YsRUC.cL6wulqP1e9cDW8i2gGk3lX0N
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 611
x-amz-cf-id: BuseSpxIzwzftG1q-01EReFJLDu_WR-F0GqqL3Ogf2tWvAVQIXL5PQ==

GET
H2 200 616d989463b4eef2bf1f4c46_Shape%203%20copy%401X.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 411 B
842 B 27ms
25ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/616d989463b4eef2bf1f4c46_Shape%203%20copy%401X.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91e1639bfe28ee7938a2f1ebdf5b6fa1b6e8f61de0db1ee2caef69dc12483ff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 05 Jun 2022 01:13:04 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Mon, 18 Oct 2021 15:53:57 GMT
server: AmazonS3
age: 763026
etag: "7a2ff1a286aa7d10da049fb8e50e92eb"
x-cache: Hit from cloudfront
x-amz-version-id: iv.rQas13VsWhsOeH26GLcONLZx22BFf
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 411
x-amz-cf-id: AtgzSy0rGzQV1s2TLpmL8ZEyLBYszTCCq6oa3j8CNBlpKJE_UwDH7Q==

GET
H2 200 6149e6c316e562cf89091a26_610e54973a09e9de6eeb5a6f_Ellipse%2027.png
assets-global.website-files.com/613b92ce3f1ad6f72dfbc6d9/ 9 KB
9 KB 29ms
27ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/613b92ce3f1ad6f72dfbc6d9/6149e6c316e562cf89091a26_610e54973a09e9de6eeb5a6f_Ellipse%2027.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ace7ece49563b15b32c04681eca2e9b0507170777f1622b9161e48618fdaae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 13 Feb 2022 19:10:44 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 21 Sep 2021 14:05:57 GMT
server: AmazonS3
age: 10375166
etag: "296c6e034387be24e125bbddfcf6a413"
x-cache: Hit from cloudfront
x-amz-version-id: 0vkXfjI_AwKEuNKdSWIo2mifnHh2cUq.
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 8918
x-amz-cf-id: eYVg_L67X4uVYAbHnJi_Ckn80r6-Vp56ArfG5yofS-MvTYdqo7toCw==

GET
H2 200 6149ec7bacb6e8200340c58a_61080fab813397a7879d4b0e_Ellipse%2025.png
assets-global.website-files.com/613b92ce3f1ad6f72dfbc6d9/ 9 KB
10 KB 31ms
29ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/613b92ce3f1ad6f72dfbc6d9/6149ec7bacb6e8200340c58a_61080fab813397a7879d4b0e_Ellipse%2025.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb881384544268d5eab706262d1e607a14295db46c8661d33d9889cf0f9f893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 Jan 2022 09:14:13 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 21 Sep 2021 14:30:21 GMT
server: AmazonS3
age: 13175757
etag: "4bd6d395b1839a2513957ad00c04cb59"
x-cache: Hit from cloudfront
x-amz-version-id: rNLWbK47NAHJ9bf65GY1Bbepqz8UwTlE
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 9603
x-amz-cf-id: iuDRmFPFmzVJc5kZVRDONkU9orzmXBqXgI4f7RWYXecIrx6O3HGlgg==

GET
H2 200 6149ebee4c7b3a52951834a4_610ec6baf7ff771919bf5c76_test-04%20(1).jpg
assets-global.website-files.com/613b92ce3f1ad6f72dfbc6d9/ 1 KB
2 KB 27ms
25ms Image
image/jpeg 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/613b92ce3f1ad6f72dfbc6d9/6149ebee4c7b3a52951834a4_610ec6baf7ff771919bf5c76_test-04%20(1).jpg
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61574316878cc4b84869059fb97a686550912b56b60e2684afbe4e663470cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 09 Jun 2022 02:23:07 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 21 Sep 2021 14:28:00 GMT
server: AmazonS3
age: 413223
etag: "8104b48a34f98ab4b0f817d725a909d9"
x-cache: Hit from cloudfront
x-amz-version-id: uGkNm06zIXJppQvrWGvhtxwb3Lqjoutt
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1390
x-amz-cf-id: rVcroYgTfLc6r9BzCupCjgmIFDOMKBG_e7YmF1fG3sXSfI4ChpN3rw==

GET
H2 200 621607f8907ee013dded7ac1_Body-Exopulse1.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 123 KB
124 KB 34ms
32ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/621607f8907ee013dded7ac1_Body-Exopulse1.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2600a9847840ff211ba8121dc4d6c865425c73d6e8b904c7a609eac9baf1b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 24 Feb 2022 12:59:35 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 10:10:04 GMT
server: AmazonS3
age: 9447035
etag: "2275f4a21c24955a2f8a67cc4099af86"
x-cache: Hit from cloudfront
x-amz-version-id: k4GmX3fdixNFLp_WZbl4rhz823.kTw9t
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 126154
x-amz-cf-id: zh7spYbNz-clXsMe2bZdIR4F7NedGXuNamKodpEAhK-GtrDHLcYt5Q==

GET
H2 200 62164032f2d0575c8b0f312a_exopulse.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 133 KB
134 KB 61ms
59ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/62164032f2d0575c8b0f312a_exopulse.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 108d6afcdaa07ade2faa160e61c7d7cc3b608e52aa86ff2e7fcdb202c1246f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 07 Jun 2022 04:33:08 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 14:09:56 GMT
server: AmazonS3
age: 578222
etag: "5c184d11ca9b908f2994119a0bd4bb45"
x-cache: Hit from cloudfront
x-amz-version-id: Np9P9w7BmkjwMDH.Poz0DSqURkrBAYPj
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 136366
x-amz-cf-id: peVPMN8ezfV6e_Y9gpwhLzxGR3awtqjvg_sCCNpyQk-x5_0ph9of-Q==

GET
H2 200 6216084ca9e9ff0116dd1179_Body-Exopulsecut.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 121 KB
122 KB 94ms
92ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/6216084ca9e9ff0116dd1179_Body-Exopulsecut.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f066c7f02adff80237744e45e0f4d817dfb94b59e06cf15ff708443822394f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 24 Feb 2022 12:59:35 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 10:11:26 GMT
server: AmazonS3
age: 9447034
etag: "3cb2d695b666d96dc4f6dc563229c296"
x-cache: Hit from cloudfront
x-amz-version-id: Mc.m03o1wLnuAjc9uQvjCDhCV__EDAUm
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 124220
x-amz-cf-id: -YMaQuA_h7Hu4pMMGQenqhMRuI_CzyhUz0RRFfnM_uRiuGkUUMqmOw==

GET
H2 200 61ea691e196569973758fe5f_60d201a12ef5a84df89b6f19_Jeremy-1d%20copy.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 141 KB
141 KB 117ms
116ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/61ea691e196569973758fe5f_60d201a12ef5a84df89b6f19_Jeremy-1d%20copy.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34225d7f73507f68f00c3605cb61eecb8b670b014fe633e824e6fe19bcf49e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 06 Jun 2022 07:49:26 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jan 2022 08:04:48 GMT
server: AmazonS3
age: 652844
etag: "c079294c6f090932fe4047009604f98d"
x-cache: Hit from cloudfront
x-amz-version-id: QBxbUgj7_nqln9ZbFpwME0ZhZQo4jaly
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 143927
x-amz-cf-id: d_B1oi09O5Lbh-6VUyD24cH3HMA3uDwFIbOTHFVVkPGBlb-J0vJfAw==

GET
H2 200 ddenk6x6iwr4tmsqbyh6-1.gif
i.postimg.cc/hvxvM0M3/ 13 MB
13 MB 201ms
17ms Image
image/gif 141.94.130.128
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/hvxvM0M3/ddenk6x6iwr4tmsqbyh6-1.gif
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31442138.ip-141-94-130.eu
Software: nginx /
Resource Hash: 89859e3e04631dda5bf72fa4dda08d8ac6e61f051022ac3dad813b450c7b4521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
last-modified: Thu, 21 Apr 2022 14:00:10 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 13179733
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 60a532843695b34a8c5cd713_tman1%20(2).png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 4 KB
4 KB 142ms
140ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/60a532843695b34a8c5cd713_tman1%20(2).png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8683f45a2ee8c6523438bfe8d32266ffede8d7987e6ebd05665f75e870518051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 Jan 2022 12:03:21 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 15:45:09 GMT
server: AmazonS3
age: 13165609
etag: "70bce3346ac34bf88d46d262712fb359"
x-cache: Hit from cloudfront
x-amz-version-id: 4dq9Yh0qDiMZNqvxmMVQ49RA9NZOmkB1
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 3977
x-amz-cf-id: 6yQlrmKXeam1TI7Bvyer67on3jTAAqWqsay9pVpOU6RuZmQXnlugpg==

GET
H2 200 60a6bb5aea0c7ed4caee753e_f-2.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 35 KB
35 KB 144ms
143ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/60a6bb5aea0c7ed4caee753e_f-2.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8e237ac1346c5a793d488c430200697df58e08213467d265b9a9107b37d9516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 26 May 2022 03:56:48 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 19:41:16 GMT
server: AmazonS3
age: 1617202
etag: "431d78d5b3d421262bbac7163a6767ff"
x-cache: Hit from cloudfront
x-amz-version-id: Wckj6STiWydnrjj5TETdArxyWW.x3djY
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 35582
x-amz-cf-id: ULsTzpTYedMVNcB-nVwlK2dzr66Xn682pjPe4ANejDC4tTak0vRBMQ==

GET
H2 200 60d201cef22fc4bbd3ec798e_tman3%20(1).png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 4 KB
4 KB 148ms
146ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/60d201cef22fc4bbd3ec798e_tman3%20(1).png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a4c74769c54c9b89f62cea80a3613053e94dbbb4bc75eb5d9b92df67faada16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 11 Apr 2022 00:14:43 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 22 Jun 2021 15:29:20 GMT
server: AmazonS3
age: 5518527
etag: "09df2324e74e99eb6f0bdde8e43b0e99"
x-cache: Hit from cloudfront
x-amz-version-id: CPpz.VcLn4.AsVaxsunfOH3Srm.rO_4.
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 3718
x-amz-cf-id: yVIcjPzWg6b5atcpz4-lolit7pg6OtBi9zR_dF_gGZlaVmQ12zbDoQ==

GET
H2 200 61646100bc6d67bcd1610d35_tman2.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 9 KB
9 KB 149ms
148ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/61646100bc6d67bcd1610d35_tman2.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbbb765760c045d5497ee51028639b9377965e8ec84d59c7b2e8c431b821405c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 31 May 2022 01:10:13 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Mon, 11 Oct 2021 16:06:25 GMT
server: AmazonS3
age: 1195197
etag: "b24fefe51f66e8a81da878af2c8ac0c1"
x-cache: Hit from cloudfront
x-amz-version-id: OKdvpZ3CqtCoFHeclyQeUn_4y6t1XWTR
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 9028
x-amz-cf-id: 9W5f5aZeiBMGnipRgZBp9aDCtsTgvmdG4QEUhIHUi_-MHPj_1HSzfA==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 45ms
9ms Script
application/javascript 99.86.1.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=60a3f01f310d6f2c017b0f2a
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-196.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://offers.amrelieve.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 03:10:04 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 64805
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Za_RZ2UCRyaqEMKaaOsWpZ5GgkCF021mcmTSpZ4IBRZty-_OfZ7lRw==

GET
H2 200 uke-full-sales-cro.4ccce9889.js Show response
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/js/ 2 MB
103 KB 29ms
29ms Script
text/javascript 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/js/uke-full-sales-cro.4ccce9889.js
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21f277c8c086cd233b99e3473d58ae54dbc060e122ea323593377e5b202a0014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: U4jnAjfZnx5RwVWOfSZpPQKDA9cM4YK8
content-encoding: gzip
etag: "dcb7667d805b8d03f19c00db5fe2578a"
age: 28638
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 104918
last-modified: Fri, 10 Jun 2022 14:15:51 GMT
server: AmazonS3
date: Mon, 13 Jun 2022 13:12:51 GMT
content-type: text/javascript
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: MjZ7cPbSDWWa5ZTDRXlTsMz9dctRlqlNMgIE7oj5vFgZLhglBVQgZg==

GET
H2 200 everflow.js Show response
www.wdf8bk3trk.com/scripts/sdk/ 58 KB
18 KB 210ms
117ms Script
text/javascript 34.107.199.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wdf8bk3trk.com/scripts/sdk/everflow.js
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.199.247 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.199.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c494e6684e1634aa53c2115e6638851b10b998eaf5cafbd11b8121ff7e519fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 1e604f12-08c1-4667-a622-b4bb40e15090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ 131 KB
4 KB 62ms
56ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CVarela+Round:400%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7COswald:200,300,400,500,600,700%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CPoppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRubik:300,regular,500,600,700,800,900,700italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd66770c5dabf42a7fe836d75942a7ed4bd9673d184b7c9d0d76ddbd059fd105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 21:10:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Jun 2022 21:10:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Jun 2022 21:10:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 31ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: 3TFvg9AHeOqNwEvFA5PH4IQ6TblTtbR1rZtS4aM6EWhcyMB/GpJk/jcadONaX9UK24jIXku/tIpwY5hGzSobUg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 13 Jun 2022 21:10:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
85 KB 143ms
60ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c623e6d542438c23c61e8f01e4451ef9a8571fb84148e6295ad4eb992c1dc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86985
x-xss-protection: 0
expires: Mon, 13 Jun 2022 21:10:09 GMT

GET
H2 200 60a3f07613722871051c16ac_logo.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 4 KB
5 KB 121ms
121ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/60a3f07613722871051c16ac_logo.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9d1c56086d019ec3562a57747ab0e56465297c54c85acfd29feba46c8a3bec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 12 Jan 2022 09:06:26 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 18 May 2021 16:51:04 GMT
server: AmazonS3
age: 13176224
etag: "55c7b6b00c4a67f777a2fcdd740936af"
x-cache: Hit from cloudfront
x-amz-version-id: gINdN6MxgHTftrenWMi3RgUHplPKIJKq
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 4279
x-amz-cf-id: eGIgyQJG4i8oTIDj_KOSRykGxQGaW3S5_kZvwjkhP-QolrbHPT_7Bg==

GET
H2 200 61811e9081cc48c397e7bc56_1.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 937 B
1 KB 122ms
121ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/61811e9081cc48c397e7bc56_1.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e18564bddbb4a63819726d5ae1937fba9788d14b1224113a71c6d7450038613a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 27 May 2022 01:02:08 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 02 Nov 2021 11:18:43 GMT
server: AmazonS3
age: 1541281
etag: "d5983c43daa2ba7622922de2601410a8"
x-cache: Hit from cloudfront
x-amz-version-id: d4kFw5ITumnjqlwVZ2U8eWlnw5lwyHL4
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 937
x-amz-cf-id: I9lYZnQ5jeaNeKvYRksQz-pirTZM-B2VdPmLLPaYvVjMbkKXu8HL7g==

GET
H2 200 61c4347ddccfe6a625353303_image_2021-12-23_103404.png
assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/ 42 KB
43 KB 124ms
123ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/61c4347ddccfe6a625353303_image_2021-12-23_103404.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdfbfb2854dedcda7341d9ff3c7a8a9c9407c994281d26eca3ffb0c1b268ba18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 07 Jun 2022 09:03:06 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Wed, 01 Jun 2022 15:52:35 GMT
server: AmazonS3
age: 562024
etag: "aa8e34da8cc8b8188cd4ebab3ac02815"
x-cache: Hit from cloudfront
x-amz-version-id: MZZcNIC3LiKH0r0f1dInmRYNWcQNOeu2
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 43403
x-amz-cf-id: O5gS8Ew6MLqXxWhcX9bGcotoikJKzrecA0lzPx5fkWyANqWfbglX5Q==

GET
H2 200 6254630f2f376a4475c859c3_shutterstock_660935038-p-1600.jpeg
assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/ 90 KB
91 KB 119ms
119ms Image
image/jpeg 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/6254630f2f376a4475c859c3_shutterstock_660935038-p-1600.jpeg
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0224cc724bcb8a2d530b1b697a52215a17d941f8c2dad213c42111cd976e7bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 25 May 2022 13:31:01 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Mon, 11 Apr 2022 17:19:22 GMT
server: AmazonS3
age: 1669149
etag: "a53826a59a3315a7243c957816fe2aae"
x-cache: Hit from cloudfront
x-amz-version-id: Btq2HOcWMX95IqWH926d_t.MxgvQeZkQ
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/jpeg
content-length: 92658
x-amz-cf-id: YzbmPSEq6_gmpElyjhKLTLKNNdoP9qC-ZhosU7QkN9mi_YAZoAhZFw==

GET
H2 200 624eb195ab4b9c20b43499af_image_2022-04-07_124036120.png
assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/ 708 KB
709 KB 119ms
118ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/624eb195ab4b9c20b43499af_image_2022-04-07_124036120.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3afb91a3341abe63b33888e9d702beb9c2b6a1b62fac96ca77af843913176d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 11 Apr 2022 08:50:12 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Thu, 07 Apr 2022 09:40:38 GMT
server: AmazonS3
age: 5487598
etag: "cf97bc2ea9dc1abf258fa0ae6b0d8933"
x-cache: Hit from cloudfront
x-amz-version-id: CcLhN_gywx.WFWHZrGx4mi8WMPi0nHM_
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 724837
x-amz-cf-id: 7obQpseRbjq1BkKD_lun44xQaW3r3ecWQbNoDtaMOBcKTBExAxXcJQ==

GET
H2 200 62431f42b2fa1222b3e4dbff_Shape%201%401X.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 330 B
761 B 160ms
160ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/62431f42b2fa1222b3e4dbff_Shape%201%401X.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6870ac3cd95b291dcd069ac4d7d2255c0879fac3e34fd65df55631b3fb5092d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 02 Jun 2022 01:17:12 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 15:01:24 GMT
server: AmazonS3
age: 1021978
etag: "23a23dc86da1864d71ed4ec02d7b4b22"
x-cache: Hit from cloudfront
x-amz-version-id: 0OdJWz9mW3cKHi1QH9bnDuuTjpN45B6r
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 330
x-amz-cf-id: oBW2PkcT_7616N_U1arswvrtFnkjvtlRZCrA2FKdS4X9yDsMZTxHag==

GET
H2 200 62431f42b2fa12755ae4dbfd_Forma%201%401X.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 245 B
678 B 160ms
159ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/62431f42b2fa12755ae4dbfd_Forma%201%401X.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a85719186d819a53411312a0e7dc27c1ccc5e04c45f97dc010fd6ad00b76cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 11 Apr 2022 16:04:59 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 15:01:23 GMT
server: AmazonS3
age: 5461511
etag: "eaa0811af2236a5800140ca4159f68fd"
x-cache: Hit from cloudfront
x-amz-version-id: mLC3rhRfSN2IiF3nCSl.UzrXDy.jyTJI
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 245
x-amz-cf-id: XxBhFdF0QvFFVhxKsN14JFTtOw8yzpueN4uW_grFhF83t9SvLCPEXA==

GET
H2 200 62431f42b2fa1207b5e4dc09_icons8-house-64.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 1 KB
2 KB 160ms
159ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/62431f42b2fa1207b5e4dc09_icons8-house-64.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de6360501e338ae36e7a18973604d2b34d6cb11091717c480c462a10b3a1b539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 11 Apr 2022 16:04:59 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 15:01:24 GMT
server: AmazonS3
age: 5461511
etag: "0393c654f4dc4eec96841e590980fdbe"
x-cache: Hit from cloudfront
x-amz-version-id: nDiQ_9xp9OFxEhnIsgRLceGbhkOjU4LO
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 1192
x-amz-cf-id: ej-UV2Ud_zlM1yeZPWrCFe7hQamUDELVGBV10_4vjgEVuhGY-_HR-g==

GET
H2 200 62431f42b2fa120b17e4dc07_icons8-location-64.png
assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/ 1 KB
2 KB 160ms
160ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/62431f42b2fa120b17e4dc07_icons8-location-64.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8ab9b9420c62d3c6aec3b2a0e8690a55fa03b9830bc8e7dd8a7e09acedbafe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 18 May 2022 05:52:52 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 15:01:23 GMT
server: AmazonS3
age: 2301438
etag: "963b9954e1a11134c4d997893e4e1480"
x-cache: Hit from cloudfront
x-amz-version-id: OD46UAJHiEJnsSnJV.TdqeXPGpbhLNvp
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 1506
x-amz-cf-id: bYFeZEXnUyS-cJG3Pa1bn9zUys_pnbZgQn8gYas1Ehm4BDsn7y0Tog==

GET
H2 200 61c468f70889dd5590be5d58_image_2021-12-23_141758.png
assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/ 2 MB
2 MB 129ms
128ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/61c468f70889dd5590be5d58_image_2021-12-23_141758.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32e396c2538a89401dd7cc5758f7ada6294a4d7b94065404a58135013475f832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 25 May 2022 00:48:37 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 22:15:48 GMT
server: AmazonS3
age: 1714893
etag: "21d7273879b7f7945f9ed0c56c471288"
x-cache: Hit from cloudfront
x-amz-version-id: sGxHiQx0iuPJZKov_vVjyHt5eoawvcdy
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 2013621
x-amz-cf-id: Z8o_iW4ZSzHzQxIc5AwUQJ7U8qReMSrlxWJFoxW3_SUaepkgOZ4_nw==

GET
H2 200 61f81b592b724043f4fadaf9_image_2022-01-31_192441.png
assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/ 1 MB
1 MB 129ms
129ms Image
image/png 2600:9000:224a:b200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/61af6681c4aa13ea0ecc5b71/61f81b592b724043f4fadaf9_image_2022-01-31_192441.png
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44b23bd9972b496b7d9a2154192c6ce3bfed354a4393bc08c43432d9b22a1e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 11 Apr 2022 08:50:59 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 17:24:43 GMT
server: AmazonS3
age: 5487551
etag: "7c83a31baafa2f35cda9b626fbfa3af1"
x-cache: Hit from cloudfront
x-amz-version-id: NisWQ_wIPfnz7B2GPWE.55hrCGHEcBM8
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
content-length: 1092906
x-amz-cf-id: dVj-g_i6GhsRm3OqRLGu0xYlD1M7MLkFRrIlweKnHny4YBdhXXrzHA==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
30 KB 254ms
160ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CVarela+Round:400%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7COswald:200,300,400,500,600,700%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CPoppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CRubik:300,regular,500,600,700,800,900,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:08:21 GMT
x-content-type-options: nosniff
age: 532908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:08:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 131ms
38ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 32011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ 47 KB
47 KB 185ms
98ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 10:35:09 GMT
x-content-type-options: nosniff
age: 38100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47924
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 10:35:09 GMT

GET
H2 200 244035010748565 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/244035010748565?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cbe0c335e9bfbde6c16698f7f837de1f3ee9aeab30dde2b2336f56d38f37524

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: o0YYjQ1I06KTmYjKiKPNjClEsliM9ZPOuqlxfaZJ2jkJCzAkUv3JTlCvpLaMv+PAiPCAJLHZNmibcoGkvkhQxw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 13 Jun 2022 21:10:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655154609245
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v24/ 31 KB
31 KB 354ms
295ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f2013859261e38a2f4c4016bc2acf1a77b0034fe977f702cefb302849a874d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:11:26 GMT
x-content-type-options: nosniff
age: 532723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31872
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:11:26 GMT

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v19/ 20 KB
20 KB 335ms
277ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:27:12 GMT
x-content-type-options: nosniff
age: 438177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20636
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:30:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:27:12 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 275ms
217ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:16:57 GMT
x-content-type-options: nosniff
age: 532392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:16:57 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 347ms
290ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:31:51 GMT
x-content-type-options: nosniff
age: 531498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19720
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:31:51 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 359ms
301ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:16:54 GMT
x-content-type-options: nosniff
age: 532395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:16:54 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 362ms
304ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:25:27 GMT
x-content-type-options: nosniff
age: 531882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:25:27 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 363ms
306ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:16:54 GMT
x-content-type-options: nosniff
age: 532395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:16:54 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 275ms
218ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:14:12 GMT
x-content-type-options: nosniff
age: 528957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19900
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 18:14:12 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 343ms
286ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:17:50 GMT
x-content-type-options: nosniff
age: 532339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:17:50 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 374ms
317ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:14:42 GMT
x-content-type-options: nosniff
age: 528927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 18:14:42 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v48/ 25 KB
25 KB 372ms
315ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:36:02 GMT
x-content-type-options: nosniff
age: 34447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:34:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:36:02 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 356ms
299ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:47:13 GMT
x-content-type-options: nosniff
age: 4976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:47:13 GMT

GET
H2 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 349ms
292ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:28:22 GMT
x-content-type-options: nosniff
age: 31307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:28:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 315ms
258ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 16224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 16:39:45 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 317ms
261ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 08:45:38 GMT
x-content-type-options: nosniff
age: 563071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 08:45:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 330ms
274ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 7334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:07:55 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 364ms
308ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:01:08 GMT
x-content-type-options: nosniff
age: 18541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 16:01:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 217ms
161ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 29644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:56:05 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 283ms
227ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 22:30:29 GMT
x-content-type-options: nosniff
age: 599980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17336
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:30:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 272ms
216ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 563067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 08:45:42 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 273ms
217ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:59:35 GMT
x-content-type-options: nosniff
age: 18634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 15:59:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 276ms
220ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 23:30:04 GMT
x-content-type-options: nosniff
age: 423605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 23:30:04 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 373ms
318ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:02:35 GMT
x-content-type-options: nosniff
age: 22054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17552
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 15:02:35 GMT

GET
H2 200 pxiGyp8kv8JHgFVrLPTucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 7 KB
7 KB 319ms
264ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrLPTucHtA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9220f99b916978e5d7934b73be5ab91444871ba52a89032e4dd90e42b0a96e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:37:11 GMT
x-content-type-options: nosniff
age: 437578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7484
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:37:11 GMT

GET
H2 200 pxiAyp8kv8JHgFVrJJLmE0tCMPI.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 320ms
265ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiAyp8kv8JHgFVrJJLmE0tCMPI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d80200523e723113f1802f7eb3258d5b922e6546d637d502f0fd2ea470201df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 22:18:18 GMT
x-content-type-options: nosniff
age: 427911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8404
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 22:18:18 GMT

GET
H2 200 pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 321ms
266ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:37:05 GMT
x-content-type-options: nosniff
age: 437584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7932
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:37:05 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmv1pVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 322ms
267ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmv1pVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28d28631a83de4ed8567b99ae8f9d895c0cc8a083cb42ae9c2c152367d3acd29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 22:17:55 GMT
x-content-type-options: nosniff
age: 427934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8720
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 22:17:55 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 377ms
322ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:25:08 GMT
x-content-type-options: nosniff
age: 438301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:25:08 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 365ms
310ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 22:17:17 GMT
x-content-type-options: nosniff
age: 427972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8712
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 22:17:17 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 340ms
285ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 438316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:24:53 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
9 KB 378ms
324ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8668
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 21:10:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 364ms
310ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 438265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:25:44 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 368ms
314ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 20:50:08 GMT
x-content-type-options: nosniff
age: 433201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8504
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:30:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 20:50:08 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 366ms
312ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 431226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 21:23:03 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 9 KB
9 KB 367ms
313ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:29:19 GMT
x-content-type-options: nosniff
age: 438050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:29:19 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 214ms
160ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 438265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:25:44 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
9 KB 270ms
216ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:37:14 GMT
x-content-type-options: nosniff
age: 437575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8596
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:37:14 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 268ms
215ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:37:00 GMT
x-content-type-options: nosniff
age: 437589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7824
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:37:00 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
9 KB 269ms
215ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

494d66c1f510af5609c852b228a4ad3e0f12ccf93126b5f437f8e4ac14def828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 22:17:42 GMT
x-content-type-options: nosniff
age: 427947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8680
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 22:17:42 GMT

GET
H2 200 pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 7 KB
8 KB 268ms
215ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:37:04 GMT
x-content-type-options: nosniff
age: 437585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7632
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:09:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:37:04 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLm81xVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 310ms
256ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm81xVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed79248088783dd5be147808b6f904dc55122f18e80cc0780da3d3e6152ea1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 22:17:55 GMT
x-content-type-options: nosniff
age: 427934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8488
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 22:17:55 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v20/ 33 KB
33 KB 296ms
243ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v20/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:25:03 GMT
x-content-type-options: nosniff
age: 438306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33620
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 19:25:03 GMT

GET
H2 200 iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2
fonts.gstatic.com/s/rubik/v20/ 17 KB
17 KB 306ms
253ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v20/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

197c0213bc0b28b2cb1b243c6a57068967aa19c81caafdebd1bc4c3e2eb0f01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 22:02:06 GMT
x-content-type-options: nosniff
age: 428883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17588
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:49:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 22:02:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 137ms
53ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E4N0BTFXS8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc8a5476717976c6defa309cb5240128e21e76360897ce545acecdfe19adcabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70228
x-xss-protection: 0
expires: Mon, 13 Jun 2022 21:10:09 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 63ms
25ms Script
text/javascript 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 21:10:09 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 72ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4CD78433C7B4DA09DB6BF02D281C64F Ref B: FRAEDGE1317 Ref C: 2022-06-13T21:10:09Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 13 Jun 2022 21:10:08 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 195ms
41ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3061
date: Mon, 13 Jun 2022 20:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Jun 2022 22:19:08 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1322538/ 55 KB
17 KB 32ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1322538/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4856c98298a6c43f10703029e7e82a6ffbf47f60cda75e49195ef016612320a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: AU01lDSeABBPQr84a6ZdpESK5HM49xK7
content-encoding: gzip
etag: "3d1ebc9b3b3c7a84f91db2590ca7badb"
age: 21598
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17376
x-amz-id-2: 9j1Z6B59P8Kwh6ULzMD4cS/e95DNtt0lYH2TN+IIhXyNRhdRnWOcQe3jdTT2kRididSEn/hah9I=
x-served-by: cache-hhn4073-HHN
last-modified: Sun, 12 Jun 2022 11:19:16 GMT
server: AmazonS3
x-timer: S1655154609.314106,VS0,VE1
date: Mon, 13 Jun 2022 21:10:09 GMT
vary: Accept-Encoding
x-amz-request-id: A8872NP4N011564P
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 16
x-cache-hits: 1

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 523 B
644 B 273ms
15ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=76854

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bae8a1851fc2e04b2104e0d6ad1b97e05122b5e109be7af6205bf8bb2fa0fc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:08 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 preload.js Show response
front.optimonk.com/public/117067/js/ 3 KB
2 KB 63ms
24ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/117067/js/preload.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9f4475eae095323047db5510976d6c71657ad3b99a8d9f2b7b1487eb817917c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"d6e-PftI49Km/ltNXjS+4rN7XLBzmX8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 rev.js Show response
assets.revcontent.com/master/ 26 KB
10 KB 102ms
37ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rev.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJFTHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
server: AmazonS3
x-amz-request-id: R8Q7ENC3391KEWPD
etag: "46482d4733f3f6c1f93601a6274bc264"
x-hw: 1655154609.cds234.am5.hn,1655154609.cds128.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 9617
x-amz-id-2: /5y0iCVM8uRb6LFilxY48ZiRiO7sNtRXOaNpyaAK4yC4rfm5NYEihz5mCqUyOYVEuG91wIs0yQ4=

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 110ms
16ms Script
application/x-javascript 104.102.29.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.173 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-173.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 12:30:38 GMT
Server: AkamaiNetStorage
ETag: "23b34d08f648c3f51b232443afced826:1644409863.170279"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Mon, 13 Jun 2022 21:30:09 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 213ms
21ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: JGF59D56A9DCRFRJ
x-amz-id-2: FuE5qlFURqIVMgKwN/ceecRWV27CZ6Y2AadTYuSq18uaAOVFSTjPntsLmSSi/c0Sqed7F0ruhgw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 168ms
116ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1655154609294
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 680ac458-7629-455b-97d2-966250de51cc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 71adcfb49ee1997a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 400 b52b245b-82bc-47ce-b4a6-3f8e3ac9f00e.js
link.kneerelieve.com/d/ 0
0 282ms
8ms Script
text/html 18.184.38.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://link.kneerelieve.com/d/b52b245b-82bc-47ce-b4a6-3f8e3ac9f00e.js?lpref=&lpurl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&lpt=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&t=1655154609301
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 257312018681431 Show response
connect.facebook.net/signals/config/ 290 KB
83 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/257312018681431?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2713ab3cc8a52100b40123e9ed0f443f39f9dc352c151d61c2fba82e77ad9b48

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dgujEckaQMhlgmKOd5PkOhFcoyfuHqPoiry1L+j2iiIn0s6cL/YSQVQwCTZH0aVOURUKNYOlAwasQTWDiofEMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 13 Jun 2022 21:10:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655154609389
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 273ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=244035010748565&ev=PageView&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&rl=&if=false&ts=1655154609312&sw=1600&sh=1200&v=2.9.62&r=stable&a=plwebflow&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221383509875318107%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22476452750384200%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1655154609312.1336935927&it=1655154609191&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 13 Jun 2022 21:10:09 GMT

GET
H2 200 json Show response
trc.taboola.com/1322538/trc/3/ 2 KB
1 KB 37ms
23ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1322538/trc/3/json?tim=1655154609326&data=%7B%22id%22%3A620%2C%22ii%22%3A%22%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1655154609322%2C%22cv%22%3A%2220220609-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dds1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1655154609325%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A16%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1322538/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f130bba23cedaf6e3ea975203c8fecf36510530246323ac7d8e5a925c1f59a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-vcl-time-ms: 17
date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
server: nginx
x-timer: S1655154609.373296,VS0,VE17
x-served-by: cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/616542140/ 3 KB
2 KB 142ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616542140/?random=1655154609342&cv=9&fst=1655154609342&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5935b4a1549a8f07e078ae68cad5a885975fcb29d8f7e9f135ec9fcb5f76eec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1171
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/350501903/ 3 KB
1 KB 143ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/350501903/?random=1655154609345&cv=9&fst=1655154609345&num=1&label=Q-RpCIqHheUCEI_4kKcB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c5d9d0c55e1ca599e6744af0c4f45f2dffa0690bda99be9836eee87accf86a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/616542140/ 3 KB
1 KB 133ms
52ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616542140/?random=1655154609345&cv=9&fst=1655154609345&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45a84f5a856c372aad368cd0b7eff20e8b232db78d06b46502683ad1b3b4b8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 17496437.js Show response
bat.bing.com/p/action/ 0
136 B 218ms
217ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17496437.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2872F13F53C34FD3BB70DD0C573F14A8 Ref B: FRAEDGE1317 Ref C: 2022-06-13T21:10:09Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 13 Jun 2022 21:10:08 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17496437&tm=gtm002&Ver=2&mid=88b1f9f3-d847-4d8b-9aff-9e7135b66d4d&sid=34e56540eb5d11eca590f32a2e7c289a&vid=34e57950eb5d11ecab0fe591296f4915&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&p=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&r=&lt=872&evt=pageLoad&msclkid=N&sv=1&rn=860648

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CA5C6BD1F2F43FC93285FD4A0A508B1 Ref B: FRAEDGE1317 Ref C: 2022-06-13T21:10:09Z
date: Mon, 13 Jun 2022 21:10:08 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preload-base.js Show response
front.optimonk.com/ 50 KB
16 KB 16ms
15ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/preload-base.js?v=5493e6adca

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/117067/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0e809ee0a59017ff9205bb5c568c8f30a4aa01b4756eb68fbbe4812d9c700134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"c9c2-/rgfJz3Th002lxMTj1td3CR3JVw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 jfclientsdk.min.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 94 KB
32 KB 65ms
8ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=5493e6adca
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 7cdc558992cf8d77ea5e9fb2360e25aaf19eb850036f750657963044a5b3ca1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 0
x-guploader-uploadid: ADPycdswA-ghktfF4njiQ_WOtZN-ME1s4QoQGQsviShWynYGMF0Rrz_8WHsmaj0LSPUXp7h8fMo6CZEzhyFS9_TwfxuiBSMIgFo7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/05/2022 06:37:52
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"514bf3d0110bfc3d1e7378053e444d82"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=9qL8bg==, md5=UUvz0BEL/D0ec3gFPkRNgg==
x-goog-generation: 1651732664453193
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 96276
cdn-requestid: 27f2d89b373c28c9438975d322276dea
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 load Show response
front.optimonk.com/public/117067/js/ 3 KB
1 KB 42ms
27ms XHR
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/117067/js/load

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/preload-base.js?v=5493e6adca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3773f8f47bee2def4eb6870466f7c65bc8bc062aa718bd1bfe995897817f5f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.amrelieve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"ad5-/pa+nDBBldzfRIlDiVY1ra/DvPQ"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 363ms
83ms Script
application/javascript 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00e7d8a3c2d9cb1b7071b9fd2c9eb994e9
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
X-TraceId: f898e8455f0d0d0b5b19092c16943ed9
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 376ms
88ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00e7d8a3c2d9cb1b7071b9fd2c9eb994e9&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&optOut=false&bust=09703937727539791
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:09 GMT
Cache-Control: no-cache
X-TraceId: c5c2d3196b304b884f205d901ceb4def
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 index.js Show response
front.optimonk.com/load.esm/ 208 KB
55 KB 13ms
13ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/index.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

026ae9c9dcbe77005f3cfaa01f0cacbd7e7fe8a7a5403c6c7516ab01aef99686

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.amrelieve.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"34036-FhaxZOuLIXFQAJLKjA+e9vNYneI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 6231e6e9413507a5111e9f12_Segoe%20UI%20Bold.ttf
assets.website-files.com/60a3f01f310d6f2c017b0f2a/ 35 KB
21 KB 50ms
10ms Font
application/x-font-ttf 2600:9000:2156:2000:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/60a3f01f310d6f2c017b0f2a/6231e6e9413507a5111e9f12_Segoe%20UI%20Bold.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/60a3f01f310d6f2c017b0f2a/css/uke-full-sales-cro.036af7a13.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2000:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3084cb39c0f24d7dfa6b576014ec75d0c3b9e852e1a545eaa96253e087f02a2b

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 16:39:25 GMT
content-encoding: gzip
age: 7705845
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 16:34:47 GMT
server: AmazonS3
etag: W/"65099f98c7cb19b3dac57b15a6a708cf"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: BM37GvwE0bqg4l3lFUVad4HCEn2g91We
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA50-C1
content-type: application/x-font-ttf
x-amz-cf-id: JfMA4NfjUmV47CLmjmHr8ZMDOsOoDh3wXQsXdWiIPUD5D_OO4GLrRA==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257312018681431&ev=PageView&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&rl=&if=false&ts=1655154609630&sw=1600&sh=1200&v=2.9.62&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1655154609312.1336935927&it=1655154609191&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 13 Jun 2022 21:10:09 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 111ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E4N0BTFXS8&gtm=2oe680&_p=708856885&_z=ccd.tdB&cid=2038998417.1655154610&ul=en-us&sr=1600x1200&_s=1&sid=1655154609&sct=1&seg=0&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&dt=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gclid=none&ep.hit_timestamp=2022-06-13T21%3A10%3A09.270%2B00%3A00&ep.previous_page=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E4N0BTFXS8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offers.amrelieve.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 116ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 20:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 13 Jun 2022 21:13:08 GMT

GET
H2 200 10179178.json Show response
s.yimg.com/wi/config/ 2 B
448 B 65ms
24ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10179178.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 20:39:24 GMT
x-content-type-options: nosniff
age: 1845
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 9AYKQB4E8F01F5FF
x-amz-id-2: md9X5TJQcGZAaeW4iqnoKt6gylrR7WvaG1mLfWh6nar17ZPPn0MPbSZw/xPVW6KLXql9xtjgDl0=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 /
www.google.com/pagead/1p-user-list/616542140/ 42 B
108 B 57ms
24ms Image
image/gif 2a00:1450:400e:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/616542140/?random=1655154609342&cv=9&fst=1655154000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&async=1&fmt=3&is_vtc=1&random=1839753439&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/616542140/ 42 B
108 B 133ms
49ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/616542140/?random=1655154609342&cv=9&fst=1655154000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&async=1&fmt=3&is_vtc=1&random=1839753439&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/616542140/ 42 B
548 B 56ms
23ms Image
image/gif 2a00:1450:400e:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/616542140/?random=1655154609345&cv=9&fst=1655154000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&async=1&fmt=3&is_vtc=1&random=2123443833&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/616542140/ 42 B
548 B 131ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/616542140/?random=1655154609345&cv=9&fst=1655154000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&async=1&fmt=3&is_vtc=1&random=2123443833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/350501903/ 42 B
108 B 56ms
23ms Image
image/gif 2a00:1450:400e:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/350501903/?random=1655154609345&cv=9&fst=1655154000000&num=1&label=Q-RpCIqHheUCEI_4kKcB&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&async=1&fmt=3&is_vtc=1&random=828801278&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/350501903/ 42 B
108 B 132ms
48ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/350501903/?random=1655154609345&cv=9&fst=1655154000000&num=1&label=Q-RpCIqHheUCEI_4kKcB&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg680&sendb=1&frm=0&url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&tiba=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&async=1&fmt=3&is_vtc=1&random=828801278&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 144ms
126ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=705859&type=c&tg=&r=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1655154609732
Requested by: Host: offers.amrelieve.com
URL: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 71adcfb6fa019bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 203ms
27ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=76854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 14 Jun 2022 21:10:09 GMT

GET
H2 200 508.jfclientsdk-893b21341e437ef1712c.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 9 KB
4 KB 16ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/508.jfclientsdk-893b21341e437ef1712c.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: fe7c01c09db58ac2ea5ad79017cc9ad7c2099eb177e826b13248515aa1be4f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
cdn-edgestorageid: 832
age: 0
x-guploader-uploadid: ADPycdvrZgsjGNAHdWxNdLhwtWKTUOb5vtMjjv5tRg5KCn8EQB5BwoHIMnoDmdA1q1SeiMh8-mUCHR6_-GxVfNQU-bU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 03/12/2022 04:37:45
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Mon, 15 Nov 2021 07:16:44 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5acfca015c98e66550cfd327af3ab0fb"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=87I7uQ==, md5=Ws/KAVyY5mVQz9Mnrzqw+w==
x-goog-generation: 1636960604614821
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 9454
cdn-requestid: 1b954c157f6467445cc859dd1310dcaa
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 103.jfclientsdk-2775af6bb1ef2617d2b5.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 8 KB
4 KB 16ms
8ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/103.jfclientsdk-2775af6bb1ef2617d2b5.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: b8654209f3456faba9f227d6ef407a65369bd1de70ef534f36ae63118b2886ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycds6iDV5u2aIeCc0zWSt3oNbcWpAsDffUJFSGPhbVdWyco_S06-SfDLalFpP-wmNgJmuRvDUrBLRl7dVZy_6CxyYfFtY8bQi
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/05/2022 06:37:53
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:39 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7ad8b3eeb5cfb71f396feb835b93839a"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=moWfgw==, md5=etiz7rXPtx85b+uDW5ODmg==
x-goog-generation: 1651732659298054
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 8007
cdn-requestid: 9850eddde0da258db8b65e18b489197d
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 optimonk.b6e9bd.js Show response
front.optimonk.com/load.esm/ 57 B
436 B 8ms
7ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/optimonk.b6e9bd.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8939e532229f8e30daeb08be6b9db748ea66b6a6e024f30ac404fad3ce3021b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/index.js
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"39-/mtXHZxNxKx74XL4ORdI6vTeb+s"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 video-factory.18acd5.js Show response
front.optimonk.com/load.esm/ 204 B
551 B 9ms
8ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/video-factory.18acd5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0ce45c6d3d99d2b761df21b9e56744e034c6e4d17f95a87454aba885a49d4816

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/index.js
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"cc-1tgzKQDUWxWHBfp+7e/JjEejav0"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 subscription-factory.aa3e68.js Show response
front.optimonk.com/load.esm/ 888 B
838 B 8ms
8ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/load.esm/subscription-factory.aa3e68.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

056aadc332579494be305aa026aa2e99e5d5e0e5e7d3a467b8ccf69abf038379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://front.optimonk.com/load.esm/index.js
Origin: https://offers.amrelieve.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"378-tov22bayg9IA0uspvGRrgBqxoIc"
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 116ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2013%20Jun%202022%2021%3A10%3A09%20GMT&n=0&b=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&.yp=10179178&f=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 13 Jun 2022 21:10:10 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=244035010748565&ev=Microdata&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&rl=&if=false&ts=1655154609937&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By%22%2C%22twitter%3Atitle%22%3A%22Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&a=plwebflow&ec=1&o=30&fbp=fb.1.1655154609312.1336935927&it=1655154609191&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 13 Jun 2022 21:10:09 GMT

GET
H2 200 363.jfclientsdk-45817228856ecc92df55.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 71 KB
25 KB 8ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/363.jfclientsdk-45817228856ecc92df55.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 42dd1580f08ce097eb016607569e2947aa3ec792742135aa4415d3df0d6dbc0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycdt2hgXTCDJ2J8RW57vM0t_i2jEnVc2_hbWITkkhU2l4JE3aJfT7c0JVih_OxU9IaskVxnjXomP4LEzXUR1KveY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 03/12/2022 04:37:51
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Mon, 15 Nov 2021 07:16:42 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"16ab041e56befcd585976042bc43027b"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=xwcgHg==, md5=FqsEHla+/NWFl2BCvEMCew==
x-goog-generation: 1636960602542946
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 72757
cdn-requestid: 6dd0f6f148c2742bc50a3808f1dd6e34
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 997.jfclientsdk-f07cbbf17331034b8b68.js Show response
gs-cdn.optimonk.com/jfclientsdk/latest/ 2 KB
2 KB 7ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/997.jfclientsdk-f07cbbf17331034b8b68.js
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 5168687db41ad16a2e5087cff577a1e70455d941b076f82a76521c41267a3a90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: br
cdn-edgestorageid: 832
x-guploader-uploadid: ADPycdulMkmIzBlklea7FoZ8DzwZPtRLBIbTG7_sOSOL-ypYRM0yztg0ovE9IkrrBy0AYEkmKZTj3D8JvXXYRIgjFBQlYQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
cdn-pullzone: 592317
x-goog-stored-content-encoding: identity
cdn-cachedat: 05/14/2022 10:24:19
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
server: BunnyCDN-DE1-832
last-modified: Thu, 05 May 2022 06:37:42 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"015fc140cc4423ad5dcb0b4af8f9db21"
content-language: en
vary: Accept-Encoding, Accept-Encoding
x-goog-hash: crc32c=9dhHHA==, md5=AV/BQMxEI61dywtK+PnbIQ==
x-goog-generation: 1651732662246884
cdn-cache: HIT
cdn-uid: 03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control: public, max-age=2592000
x-goog-stored-content-length: 2436
cdn-requestid: ff5e2e936077d7de5e9dd4182273538f
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 45ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=708856885&t=pageview&_s=1&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&ul=en-us&de=UTF-8&dt=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEAjBAAAAC~&jid=327979292&gjid=2019877415&cid=2038998417.1655154610&tid=UA-167584353-1&_gid=240566324.1655154610&_r=1&gtm=2wg680WNJFTHV&cd6=0&cd7=2022-06-13T21%3A10%3A09.278%2B00%3A00&cd8=07594b8c-1dbf-4d34-a8d3-cb8614775c43&cd11=&cd12=none&cd9=2038998417.1655154610&z=382550187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.amrelieve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offers.amrelieve.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0E03 15 KB
6 KB 136ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=offers.amrelieve.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://offers.amrelieve.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 21:10:09 GMT
server-processing-duration-in-ticks: 2631
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 62ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-167584353-1&cid=2038998417.1655154610&jid=327979292&gjid=2019877415&_gid=240566324.1655154610&_u=aCDACEAiBAAAAC~&z=1237885252

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.amrelieve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Jun 2022 21:10:10 GMT
content-type: text/plain
access-control-allow-origin: https://offers.amrelieve.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
jfapiprod.optimonk.com/v2/ 26 B
196 B 240ms
152ms Fetch
application/json 34.117.177.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jfapiprod.optimonk.com/v2/
Requested by: Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.177.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer: https://offers.amrelieve.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 13 Jun 2022 21:10:10 GMT
via: 1.1 google
etag: W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26
content-type: application/json; charset=utf-8

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
34ms Image
image/gif 2a00:1450:400e:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-167584353-1&cid=2038998417.1655154610&jid=327979292&_u=aCDACEAiBAAAAC~&z=550099235

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 142ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-167584353-1&cid=2038998417.1655154610&jid=327979292&_u=aCDACEAiBAAAAC~&z=550099235

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0E03
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=amrelieve.com&sn=ChromeSyncframe&so=0&topUrl=offers.amrelieve.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=cpxRNXxZYkdNdVIyZVJKblVZN1VSUFk5NFlUODNMQ2dFNlJlYmtsRlNtajVOTnBQNlFwdUdoLytGeks4VS84aVV3MU50VGlxL2lyZE9oOXk5Y1REWEQxOGNMRTdKMmpEc2hleEdoejVsMDNIWGs1MFBYMEYzdkVjNkhTWj...

433 B
634 B

193ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cpxRNXxZYkdNdVIyZVJKblVZN1VSUFk5NFlUODNMQ2dFNlJlYmtsRlNtajVOTnBQNlFwdUdoLytGeks4VS84aVV3MU50VGlxL2lyZE9oOXk5Y1REWEQxOGNMRTdKMmpEc2hleEdoejVsMDNIWGs1MFBYMEYzdkVjNkhTWjFFYkNLTmsyR040RHZTMnRldmhOdVJyaW11Ty8vR2szY2kzQjZGYi9GOUlpZHZSWnFNSEZxTk9RQmRTbzNlZHlZY2NTOS9tSWpHM2hNa1NqWkh0MHdYK1dVc2Z1L2x3c0tjd29MdTJ6YzdOLzAwOE5DSnY4eHFRL3ZmVlZkMVhxbDREaVE1QmNmaXZvR21TL2hXZTJEUE14VmFhaUdydz09fA&cppv=2

Requested by

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9cfbc520cf8973e967238701a642c40d42d43c9a8a7adff44bb991eac5fbcb5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3945
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=cpxRNXxZYkdNdVIyZVJKblVZN1VSUFk5NFlUODNMQ2dFNlJlYmtsRlNtajVOTnBQNlFwdUdoLytGeks4VS84aVV3MU50VGlxL2lyZE9oOXk5Y1REWEQxOGNMRTdKMmpEc2hleEdoejVsMDNIWGs1MFBYMEYzdkVjNkhTWjFFYkNLTmsyR040RHZTMnRldmhOdVJyaW11Ty8vR2szY2kzQjZGYi9GOUlpZHZSWnFNSEZxTk9RQmRTbzNlZHlZY2NTOS9tSWpHM2hNa1NqWkh0MHdYK1dVc2Z1L2x3c0tjd29MdTJ6YzdOLzAwOE5DSnY4eHFRL3ZmVlZkMVhxbDREaVE1QmNmaXZvR21TL2hXZTJEUE14VmFhaUdydz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1565
content-length: 541
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257312018681431&ev=Microdata&dl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&rl=&if=false&ts=1655154610131&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By%22%2C%22twitter%3Atitle%22%3A%22Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1655154609312.1336935927&it=1655154609191&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 13 Jun 2022 21:10:10 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=76854&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3Tk...
https://widget.us.criteo.com/event?a=76854&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3Tk...

9 KB
9 KB

358ms
106ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=76854&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3TkFrYUkwbVNhZSUyQkZhQlI2bnlJUlM0M1FDdFZhdjQ2VGg4Y0xYVHNEZktZNEtXcWJ2aURjR0Jxc0Z5NXJoWWRrd3NlNGg1Y3RzZ21OYW9acyUyRlVXWUlSVSUyRnM4JTJCYXp5b25nJTNEJTNE&tld=amrelieve.com&dy=1&fu=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&dtycbr=31493

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

34016668b10da957d14e3365f22a3f8da174fd8185f4e264fd7e6a206220a131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13012370
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=76854&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3TkFrYUkwbVNhZSUyQkZhQlI2bnlJUlM0M1FDdFZhdjQ2VGg4Y0xYVHNEZktZNEtXcWJ2aURjR0Jxc0Z5NXJoWWRrd3NlNGg1Y3RzZ21OYW9acyUyRlVXWUlSVSUyRnM4JTJCYXp5b25nJTNEJTNE&tld=amrelieve.com&dy=1&fu=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&dtycbr=31493
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4484135
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 725F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_cm&google_hm=ay1qaFptdW9HQ2JRM0ZicFJNa1JSekFTeUtMR2ctUXV1M...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_gid=CAESENVHpbl6sXJwHeOUBIhDCVI&google_cver=1&google_ula=913071,0

43 B
370 B

233ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_gid=CAESENVHpbl6sXJwHeOUBIhDCVI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1508526
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&google_gid=CAESENVHpbl6sXJwHeOUBIhDCVI&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 725F
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=oBDoKTv59LpF5tClZk2ZPHQJxCGEZl1I

0
42 B

103ms
41ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=oBDoKTv59LpF5tClZk2ZPHQJxCGEZl1I
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=oBDoKTv59LpF5tClZk2ZPHQJxCGEZl1I
date: Mon, 13 Jun 2022 21:10:10 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3194
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 725F 0
232 B 134ms
29ms Image
text/html 52.209.107.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA&custom=&tag_format=img&tag_action=sync&custom=&cb=6ab460a0-f67c-45cb-a86f-2ed27d22f9be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.107.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-107-65.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame 725F 0
98 B 120ms
40ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 725F 0
47 B 77ms
20ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 725F 43 B
78 B 38ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 13 Jun 2022 21:10:10 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 725F 0
397 B 52ms
11ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-aS5y24GCbQ3FbpRMkRRzASyKLGhdSPIiet8J7w

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 725F 0
476 B 344ms
83ms Image
text/plain 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-FOCCpoGCbQ3FbpRMkRRzASyKLGgL8CFPp5Hl8w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:11 GMT
Cache-Control: no-cache
X-TraceId: 0001668869646690a916893d4038179b
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 725F 0
424 B 545ms
157ms Image
text/plain 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-shPhnYGCbQ3FbpRMkRRzASyKLGiJBDxDGj091w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 13 Jun 2022 21:10:11 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 725F 0
239 B 46ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-shPhnYGCbQ3FbpRMkRRzASyKLGiJBDxDGj091w&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 725F
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-ePfCw4GCbQ3FbpRMkRRzASyKLGjTAz2f4m0bxQ&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ePfCw4GCbQ3FbpRMkRRzASyKLGjTAz2f4m0bxQ%26seg%3D95287

43 B
1 KB

22ms
21ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ePfCw4GCbQ3FbpRMkRRzASyKLGjTAz2f4m0bxQ%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:10 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 62b650d1-9f23-41de-8587-732eed263514
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:10 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7692a673-480e-4ef4-ab25-08f439c54202
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-ePfCw4GCbQ3FbpRMkRRzASyKLGjTAz2f4m0bxQ%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 725F
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979

43 B
370 B

225ms
19ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2032719
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:10 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 973d5ae0-2644-4117-902f-21a94eea2f75
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 725F 42 B
585 B 2492ms
161ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-X98YVIGCbQ3FbpRMkRRzASyKLGj8cvsZgk42PA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 xuid
eb2.3lift.com/ Frame 725F 37 B
140 B 41ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-oys4d4GCbQ3FbpRMkRRzASyKLGiuXiMVx33LRQ&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 725F 45 B
783 B 49ms
28ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-9IEupYGCbQ3FbpRMkRRzASyKLGgNs2nZ1BsArA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 13 Jun 2022 21:10:10 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 13 Jun 2022 21:10:10 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 725F
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw&C=1

43 B
1 KB

50ms
49ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw&C=1
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Jun 2022 21:10:11 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Mon, 13 Jun 2022 21:10:10 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 725F 0
239 B 35ms
8ms Image
text/plain 2600:9000:2156:4000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-iRUzS4GCbQ3FbpRMkRRzASyKLGgSMTqTVbd8GA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eTcq-Oldx1O2s7GR7KeGg1cOI-8oneeoR_JxmOC8K0KrQCRRkUmDqw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 725F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-eTQ6XIGCbQ3FbpRMkRRzASyKLGh0FKo-ikLkyg&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eTQ6XIGCbQ3FbpRMkRRzASyKLGh0FKo-ikLkyg&expires=30&user_group=5

43 B
495 B

15ms
14ms

Image
image/gif

18.195.70.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eTQ6XIGCbQ3FbpRMkRRzASyKLGh0FKo-ikLkyg&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.195.70.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-70-80.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-eTQ6XIGCbQ3FbpRMkRRzASyKLGh0FKo-ikLkyg&expires=30&user_group=5
Date: Mon, 13 Jun 2022 21:10:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 725F 35 B
337 B 108ms
35ms Image
image/gif 52.215.125.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-_AuLOYGCbQ3FbpRMkRRzASyKLGhcUYB1UlmuDA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 725F 23 B
172 B 101ms
35ms Image
image/gif 104.90.161.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-paOPe4GCbQ3FbpRMkRRzASyKLGjmCSD20sqO-Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.161.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-161-232.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 13 Jun 2022 21:10:11 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 725F 0
98 B 91ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-55dwA4GCbQ3FbpRMkRRzASyKLGhZ_VsoR03JqA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13701

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 725F 43 B
163 B 135ms
18ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-sLgEdoGCbQ3FbpRMkRRzASyKLGgR8KPwxqhT5A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:10 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 725F 68 B
261 B 75ms
8ms Image
image/png 52.58.122.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-T5JGqoGCbQ3FbpRMkRRzASyKLGgwLQ2utRlBoQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.122.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-122-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:11 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 725F
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-b6xmh4GCbQ3FbpRMkRRzASyKLGhSWs0mcHfvNw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-b6xmh4GCbQ3FbpRMkRRzASyKLGhSWs0mcHfvNw

43 B
446 B

34ms
34ms

Image
image/gif

99.81.70.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-b6xmh4GCbQ3FbpRMkRRzASyKLGhSWs0mcHfvNw
Protocol: H2
Server: 99.81.70.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-70-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Jun 2022 21:10:11 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-b6xmh4GCbQ3FbpRMkRRzASyKLGhSWs0mcHfvNw
date: Mon, 13 Jun 2022 21:10:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 725F
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g&_li_chk=true&previous_uuid=6ada922f93274c09acb27a6f37948551
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g

43 B
419 B

522ms
115ms

Image
image/gif

2600:1f18:444a:4602:2c20:3113:5c28:1366
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:12 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SfTY2oGCbQ3FbpRMkRRzASyKLGgpzEFFkbKg-g
Date: Mon, 13 Jun 2022 21:10:11 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 725F 43 B
427 B 313ms
98ms Image
image/gif 18.235.141.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-AP3XqoGCbQ3FbpRMkRRzASyKLGhR8zi5saeQCA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.141.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-141-125.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:11 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 725F 43 B
183 B 390ms
117ms Image
image/gif 2600:1f18:612b:4200:5e70:34f8:9284:341c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-FMG634GCbQ3FbpRMkRRzASyKLGi9VOL7ub4OgA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:5e70:34f8:9284:341c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 725F
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-4vogXYGCbQ3FbpRMkRRzASyKLGhYFWsu4C5CSQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

119ms
15ms

Image
image/gif

2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 21:10:11 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1655154611.dop007.am5.t,1655154611.cds273.am5.shn,1655154611.cds273.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1655154611194007-396
Expires: Mon, 13 Jun 2022 21:10:11 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 725F 40 B
40 B 50ms
16ms Image
text/html 52.29.77.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dK_EeoGCbQ3FbpRMkRRzASyKLGivYEYEuIB-dA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.77.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-77-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:10:11 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 204 unip Show response
trc-events.taboola.com/1322538/log/3/ 0
250 B 60ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1322538/log/3/unip?en=pre_d_eng_tb&tos=1572&scd=16&ssd=1&est=1655154609324&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1655154610897&vi=1655154609322&ri=5002854db8d860b8e0b860dd01f86fa8&ref=null&cv=20220609-7-RELEASE&item-url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1322538/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://offers.amrelieve.com
pragma: no-cache
date: Mon, 13 Jun 2022 21:10:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 725F
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979

43 B
369 B

17ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 21:10:09 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 999904
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 21:10:11 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c93c5a8a-e27e-4422-a981-9bf674bbcd0d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1333563310102459979
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1322538/log/3/ 0
249 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1322538/log/3/unip?en=pre_d_eng_tb&tos=4573&scd=16&ssd=1&est=1655154609324&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1655154613898&vi=1655154609322&ri=5002854db8d860b8e0b860dd01f86fa8&ref=null&cv=20220609-7-RELEASE&item-url=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1322538/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offers.amrelieve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://offers.amrelieve.com
pragma: no-cache
date: Mon, 13 Jun 2022 21:10:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:29:06	Name: _li_ss Value: MgkI_____wcQwhI
.amrelieve.com/	1970-01-20 05:55:30	Name: _gcl_au Value: 1.1.1678608123.1655154609
.amrelieve.com/	1970-01-20 08:05:06	Name: __utmzz Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)
.amrelieve.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.amrelieve.com/	1970-01-20 05:55:30	Name: _fbp Value: fb.1.1655154609312.1336935927
.bing.com/	1970-01-20 13:07:30	Name: MUID Value: 0CAB492B8BFE69D42FFA58E98A2C68D8
.amrelieve.com/	1970-01-20 03:47:21	Name: _uetsid Value: 34e56540eb5d11eca590f32a2e7c289a
.amrelieve.com/	1970-01-20 13:07:30	Name: _uetvid Value: 34e57950eb5d11ecab0fe591296f4915
offers.amrelieve.com/	1970-01-20 12:31:30	Name: optiMonkClientId Value: 15ccfc2c-00f1-b3f4-d413-76ba0b510426
.mgid.com/	1970-01-20 03:45:56	Name: __cf_bm Value: n6ewOqmC3koDZSP0QoGA5zhmkHAuZlLfkzzBkP5xP0A-1655154609-0-AQH9dYR9lgirhFXIzG9WkxoywIyWZL+cEE2EDKPyDBUJFbAejyvhG062L8rGMD9tXhFqe6SGr26Zxx8mGlGY8KE=
offers.amrelieve.com/	1970-01-20 12:31:30	Name: optiMonkClient Value: N4IgjGDsAMBskgFygMYEMmgKwGZMjRQBcloAaAgB0tIpQCckRYAmATkhYjDTdmhYAOaAMgAWAKZgAJimkgKAOwD28xNAC+FLGPyES6immq0QDJqxzSwbaDLHS20nCJY4wEzwCMJCkCrVNbUE9YlNjGkMzRkRmFmgAMzQE6EEwVMgcNFcxDzEULGg/ANItECw2UINyKkia81jWROToawysnLyClmLVUopYMCrwkyiGuKswQQTpaQcnFwF3TwkvFF7AstZhqIjTccsfHBRoCQSvNmzXLIksLySN/uZK5AIw3dH6mLjBHDZLgQSVJoRZuaReSCFWCPdRlGA7Gp7MbfVi/f4XFheHA4QS2ARiLirTwwzRlBIANyQYFgWCwYB0/DYFAANpTENTafSxIylMpKGywBoNEA=
.amrelieve.com/	1970-01-20 21:17:06	Name: _ga_E4N0BTFXS8 Value: GS1.1.1655154609.1.0.1655154609.0
.amrelieve.com/	1970-01-20 21:17:06	Name: _ga Value: GA1.2.2038998417.1655154610
.amrelieve.com/	1970-01-20 03:47:21	Name: _gid Value: GA1.2.240566324.1655154610
offers.amrelieve.com/	1970-01-20 05:55:30	Name: MgidSensorNVis Value: 1
offers.amrelieve.com/	1970-01-20 05:55:30	Name: MgidSensorHref Value: https://offers.amrelieve.com/adv/is-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp
.amrelieve.com/	1970-01-20 03:45:54	Name: _gat_UA-167584353-1 Value: 1
offers.amrelieve.com/	1970-01-20 03:45:54	Name: outbrain_cid_fetch Value: true
offers.amrelieve.com/	1969-12-31 23:59:59	Name: optiMonkSession Value: 1655154609
.yahoo.com/	1970-01-20 12:31:52	Name: A3 Value: d=AQABBLKnp2ICECaoFCGV4z6Rc8EqYudDY-4FEgEBAQH5qGKxYgAAAAAA_eMAAA&S=AQAAAobX0KMJnmFcCf39z6phjaI
.criteo.com/	1970-01-20 13:07:30	Name: uid Value: 91165b22-8de4-4e34-a688-8273f2331965
.amrelieve.com/	1970-01-20 13:15:18	Name: cto_bundle Value: lj4vNV9aN051OEFvZlQ4UTQ0Z1BFU2hQU0tmJTJCWERPbnJCUFY5S2FnQWQxMUdqb2ZDWEFtYW9VRTB3TkFrYUkwbVNhZSUyQkZhQlI2bnlJUlM0M1FDdFZhdjQ2VGg4Y0xYVHNEZktZNEtXcWJ2aURjR0Jxc0Z5NXJoWWRrd3NlNGg1Y3RzZ21OYW9acyUyRlVXWUlSVSUyRnM4JTJCYXp5b25nJTNEJTNE
.analytics.yahoo.com/	1970-01-20 12:31:30	Name: IDSYNC Value: 18zh~25fx
.adnxs.com/	1970-01-20 05:55:30	Name: uuid2 Value: 1333563310102459979
.media.net/	1970-01-20 12:31:30	Name: visitor-id Value: 2981562108397061000V10
.media.net/	1970-01-20 04:29:06	Name: data-c-ts Value: 1655154610
.media.net/	1970-01-20 04:29:06	Name: data-c Value: k-9IEupYGCbQ3FbpRMkRRzASyKLGgNs2nZ1BsArA~~3
.doubleclick.net/	1970-01-20 13:07:30	Name: IDE Value: AHWqTUkT8iqOEIqx53xi6ayVY4qD-nFjh4Z37kKKXyhvAZkfwxf2837_StuRlaxTSo8
.casalemedia.com/	1970-01-20 12:31:30	Name: CMID Value: YqenshgxmT-2Sy2Z95PEzAAA
.casalemedia.com/	1970-01-20 05:55:30	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 05:55:30	Name: CMPRO Value: 3267
.revcontent.com/	1970-02-07 09:45:54	Name: __ID Value: 3ae4de7f501e4b098fdb986b4731d586
.revcontent.com/	1970-01-20 04:29:06	Name: v1_151 Value: 1
.casalemedia.com/	1970-01-20 03:47:21	Name: CMST Value: Yqens2Knp7MA
.casalemedia.com/	1970-01-20 12:31:30	Name: CMRUM3 Value: 1462a7a7b32760k-vdPJYIGCbQ3FbpRMkRRzASyKLGjYREJIfUbmMw
.sharethrough.com/	1970-01-20 04:29:06	Name: stx_user_id Value: 0812b443-daaf-4257-aa0a-6e66d6faf628
.outbrain.com/	1970-01-20 05:55:30	Name: obuid Value: 037ceebb-cb0e-494f-ae59-d47c2174b54d
.outbrain.com/	1970-01-20 04:06:04	Name: criteo Value: k-FOCCpoGCbQ3FbpRMkRRzASyKLGgL8CFPp5Hl8w
.360yield.com/	1970-01-20 05:55:30	Name: tuuid Value: 62ebdb9a-8c90-4b23-a060-868135e4dacd
.360yield.com/	1970-01-20 05:55:30	Name: tuuid_lu Value: 1655154611
.adnxs.com/	1970-01-20 05:55:30	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2IlamZQ9u!fsuh+5T]Xo5i@?nrTu!=fx]:2nVht>)wm%=1G8@grp+aI]b/Gu5WGhIRGtk4[dPJ[])@pJJR*K5D8-@P)[Q]P)j.gEQpO2
exchange.mediavine.com/	1970-01-20 04:06:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2235fd4780-eb5d-11ec-b57c-790e6a59a58f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:06:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2235fd4780-eb5d-11ec-b57c-790e6a59a58f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:06:04	Name: criteo Value: %7B%22id%22%3A%22k-dK_EeoGCbQ3FbpRMkRRzASyKLGivYEYEuIB-dA%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 05:55:30	Name: um Value: !38,DjjZ5-4Ou21Ibk7n8SIGLWBQLuauiPA3.XSNqO.KHqiPciibVWedNiCDs-OrmziVsuh6qPDD,1662930611
.360yield.com/	1970-01-20 05:55:30	Name: umeh Value: !38,0,1717362611,-1
ads.stickyadstv.com/	1970-01-20 04:29:06	Name: UID Value: eaa310b5f855b31b4848ae4392adcc58
ads.stickyadstv.com/	1970-01-20 04:29:06	Name: uid-bp-11554 Value: k-4vogXYGCbQ3FbpRMkRRzASyKLGhYFWsu4C5CSQ
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: e6cda39063ba7c4da8aafd80479a916
.bidswitch.net/	1970-01-20 12:31:30	Name: tuuid Value: a6521a4e-384b-4705-967a-242ecd16cf24
.bidswitch.net/	1970-01-20 12:31:30	Name: c Value: 1655154611
.bidswitch.net/	1970-01-20 12:31:30	Name: tuuid_lu Value: 1655154611
.addthis.com/	1970-01-20 13:07:30	Name: ouid Value: 62a7a7b300015897b1033df7f3be107ba4dd5c6a2fef38e1ac2a
.addthis.com/	1970-01-20 13:07:30	Name: uid Value: 62a7a7b3141b32a0
.addthis.com/	1970-01-20 13:07:30	Name: na_id Value: 2022061321101123200483068175
.postrelease.com/	1970-01-20 12:31:30	Name: opt_out Value: 1
.liadm.com/	1970-01-20 21:17:06	Name: lidid Value: 6ada922f-9327-4c09-acb2-7a6f37948551
.pubmatic.com/	1970-01-20 04:29:06	Name: KRTBCOOKIE_97 Value: 3385-uid:k-X98YVIGCbQ3FbpRMkRRzASyKLGj8cvsZgk42PA&KRTB&23144-uid:k-X98YVIGCbQ3FbpRMkRRzASyKLGj8cvsZgk42PA&KRTB&23286-uid:k-X98YVIGCbQ3FbpRMkRRzASyKLGj8cvsZgk42PA&KRTB&23287-uid:k-X98YVIGCbQ3FbpRMkRRzASyKLGj8cvsZgk42PA
.pubmatic.com/	1970-01-20 04:29:06	Name: PugT Value: 1655154612

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://link.kneerelieve.com/d/b52b245b-82bc-47ce-b4a6-3f8e3ac9f00e.js?lpref=&lpurl=https%3A%2F%2Foffers.amrelieve.com%2Fadv%2Fis-knee-surgery-the-only-choice-for-seniors-dr-jeremy-campbell-shares-an-breakthrough-alternative-thousands-of-seniors-swear-by-nt-uke-lp&lpt=Is%20Knee%20Surgery%20The%20Only%20Choice%20For%20Seniors%3F%20Dr.%20Jeremy%20Campbell%20Shares%20An%20Breakthrough%20Alternative%20Thousands%20Of%20Seniors%20Swear%20By&t=1655154609301 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-jhZmuoGCbQ3FbpRMkRRzASyKLGg-Quu0o6xpQA Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=oBDoKTv59LpF5tClZk2ZPHQJxCGEZl1I Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
ajax.googleapis.com
amplify.outbrain.com
assets-global.website-files.com
assets.revcontent.com
assets.website-files.com
bat.bing.com
cdn.stickyadstv.com
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d3e54v103j8qbb.cloudfront.net
dis.criteo.com
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
googleads.g.doubleclick.net
gs-cdn.optimonk.com
gum.criteo.com
i.liadm.com
i.postimg.cc
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
jfapiprod.optimonk.com
link.kneerelieve.com
match.sharethrough.com
mug.criteo.com
offers.amrelieve.com
partner.mediawallahscript.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.wdf8bk3trk.com
x.bidswitch.net
104.102.29.173
104.102.29.65
104.19.132.78
104.36.113.107
104.90.161.232
13.248.245.213
138.199.37.226
141.226.228.48
141.94.130.128
142.250.179.162
151.101.129.44
151.139.128.11
157.245.25.14
172.217.18.98
178.250.0.147
178.250.0.163
178.250.2.146
18.156.0.31
18.184.38.55
18.195.70.80
18.235.141.125
184.30.20.22
184.30.21.112
185.33.221.14
185.33.223.38
185.86.139.106
2001:4860:4802:34::36
2001:4de0:ac19::1:b:3a
212.82.100.181
23.35.236.122
2600:1f18:444a:4602:2c20:3113:5c28:1366
2600:1f18:612b:4200:5e70:34f8:9284:341c
2600:9000:2156:2000:11:3b84:d200:93a1
2600:9000:2156:4000:1b:5138:8a40:93a1
2600:9000:224a:b200:12:9e5f:cac0:93a1
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9c
2a00:1450:400e:80c::2004
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.107.199.247
34.117.177.207
34.202.254.59
35.244.174.68
52.209.107.65
52.212.43.230
52.215.125.248
52.29.77.213
52.58.122.252
69.173.144.165
70.42.32.223
74.119.119.150
99.81.70.153
99.86.1.196
026ae9c9dcbe77005f3cfaa01f0cacbd7e7fe8a7a5403c6c7516ab01aef99686
036d6b7312ffa118cce54209404528f82b5fd767aaef520d1d1d0378a7350c81
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
056aadc332579494be305aa026aa2e99e5d5e0e5e7d3a467b8ccf69abf038379
0a85719186d819a53411312a0e7dc27c1ccc5e04c45f97dc010fd6ad00b76cea
0cdc2c44bacb7ef4d8e6f362dae3b563eddeb1da196b483d614442e96defa8fa
0ce45c6d3d99d2b761df21b9e56744e034c6e4d17f95a87454aba885a49d4816
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e809ee0a59017ff9205bb5c568c8f30a4aa01b4756eb68fbbe4812d9c700134
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
108d6afcdaa07ade2faa160e61c7d7cc3b608e52aa86ff2e7fcdb202c1246f28
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
197c0213bc0b28b2cb1b243c6a57068967aa19c81caafdebd1bc4c3e2eb0f01b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
21f277c8c086cd233b99e3473d58ae54dbc060e122ea323593377e5b202a0014
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
2713ab3cc8a52100b40123e9ed0f443f39f9dc352c151d61c2fba82e77ad9b48
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28d28631a83de4ed8567b99ae8f9d895c0cc8a083cb42ae9c2c152367d3acd29
3084cb39c0f24d7dfa6b576014ec75d0c3b9e852e1a545eaa96253e087f02a2b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e396c2538a89401dd7cc5758f7ada6294a4d7b94065404a58135013475f832
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34016668b10da957d14e3365f22a3f8da174fd8185f4e264fd7e6a206220a131
34225d7f73507f68f00c3605cb61eecb8b670b014fe633e824e6fe19bcf49e40
3523694353bc571190a91da3abd13775ac456abdafff8a68840b15c70f6902b1
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
3773f8f47bee2def4eb6870466f7c65bc8bc062aa718bd1bfe995897817f5f42
3ace7ece49563b15b32c04681eca2e9b0507170777f1622b9161e48618fdaae3
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42dd1580f08ce097eb016607569e2947aa3ec792742135aa4415d3df0d6dbc0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b23bd9972b496b7d9a2154192c6ce3bfed354a4393bc08c43432d9b22a1e69
45a84f5a856c372aad368cd0b7eff20e8b232db78d06b46502683ad1b3b4b8cb
4856c98298a6c43f10703029e7e82a6ffbf47f60cda75e49195ef016612320a8
494d66c1f510af5609c852b228a4ad3e0f12ccf93126b5f437f8e4ac14def828
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
5168687db41ad16a2e5087cff577a1e70455d941b076f82a76521c41267a3a90
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5935b4a1549a8f07e078ae68cad5a885975fcb29d8f7e9f135ec9fcb5f76eec3
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
6870ac3cd95b291dcd069ac4d7d2255c0879fac3e34fd65df55631b3fb5092d0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c5d9d0c55e1ca599e6744af0c4f45f2dffa0690bda99be9836eee87accf86a0
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
6f130bba23cedaf6e3ea975203c8fecf36510530246323ac7d8e5a925c1f59a2
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7c623e6d542438c23c61e8f01e4451ef9a8571fb84148e6295ad4eb992c1dc3b
7cdc558992cf8d77ea5e9fb2360e25aaf19eb850036f750657963044a5b3ca1c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8683f45a2ee8c6523438bfe8d32266ffede8d7987e6ebd05665f75e870518051
8939e532229f8e30daeb08be6b9db748ea66b6a6e024f30ac404fad3ce3021b9
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
89859e3e04631dda5bf72fa4dda08d8ac6e61f051022ac3dad813b450c7b4521
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4c74769c54c9b89f62cea80a3613053e94dbbb4bc75eb5d9b92df67faada16
8cbe0c335e9bfbde6c16698f7f837de1f3ee9aeab30dde2b2336f56d38f37524
91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd
91e1639bfe28ee7938a2f1ebdf5b6fa1b6e8f61de0db1ee2caef69dc12483ff5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98f2013859261e38a2f4c4016bc2acf1a77b0034fe977f702cefb302849a874d
9cfbc520cf8973e967238701a642c40d42d43c9a8a7adff44bb991eac5fbcb5e
9f4475eae095323047db5510976d6c71657ad3b99a8d9f2b7b1487eb817917c1
a0224cc724bcb8a2d530b1b697a52215a17d941f8c2dad213c42111cd976e7bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3afb91a3341abe63b33888e9d702beb9c2b6a1b62fac96ca77af843913176d0
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a9220f99b916978e5d7934b73be5ab91444871ba52a89032e4dd90e42b0a96e1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b8654209f3456faba9f227d6ef407a65369bd1de70ef534f36ae63118b2886ef
b8e237ac1346c5a793d488c430200697df58e08213467d265b9a9107b37d9516
b9d1c56086d019ec3562a57747ab0e56465297c54c85acfd29feba46c8a3bec7
bae8a1851fc2e04b2104e0d6ad1b97e05122b5e109be7af6205bf8bb2fa0fc3a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bbbb765760c045d5497ee51028639b9377965e8ec84d59c7b2e8c431b821405c
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
bdfbfb2854dedcda7341d9ff3c7a8a9c9407c994281d26eca3ffb0c1b268ba18
c494e6684e1634aa53c2115e6638851b10b998eaf5cafbd11b8121ff7e519fb8
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c8ab9b9420c62d3c6aec3b2a0e8690a55fa03b9830bc8e7dd8a7e09acedbafe9
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd66770c5dabf42a7fe836d75942a7ed4bd9673d184b7c9d0d76ddbd059fd105
cdb881384544268d5eab706262d1e607a14295db46c8661d33d9889cf0f9f893
d2600a9847840ff211ba8121dc4d6c865425c73d6e8b904c7a609eac9baf1b71
d80200523e723113f1802f7eb3258d5b922e6546d637d502f0fd2ea470201df5
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6360501e338ae36e7a18973604d2b34d6cb11091717c480c462a10b3a1b539
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e18564bddbb4a63819726d5ae1937fba9788d14b1224113a71c6d7450038613a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61574316878cc4b84869059fb97a686550912b56b60e2684afbe4e663470cf1
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
ed79248088783dd5be147808b6f904dc55122f18e80cc0780da3d3e6152ea1b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066c7f02adff80237744e45e0f4d817dfb94b59e06cf15ff708443822394f0e
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc8a5476717976c6defa309cb5240128e21e76360897ce545acecdfe19adcabd
fe7c01c09db58ac2ea5ad79017cc9ad7c2099eb177e826b13248515aa1be4f8e

offers.amrelieve.com Open in urlscan Pro 52.212.43.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

93 %HTTPS

33 %IPv6

46 Domains

69 Subdomains

59 IPs

9 Countries

19073 kBTransfer

22899 kBSize

59 Cookies

1 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offers.amrelieve.com Open in urlscan Pro
52.212.43.230 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

93 %
HTTPS

33 %
IPv6

46
Domains

69
Subdomains

59
IPs

9
Countries

19073 kB
Transfer

22899 kB
Size

59
Cookies

170 HTTP transactions
0 data transactions