urlscan.io logo urlscan.io
SecurityTrails logo

www.intherooms.com Open in urlscan Pro
104.237.154.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url8038.updates.intherooms.com/ls/click?upn=K-2FKSuE9R1XER9MFjgULxTx8GU7tJCinhLLx3fVOTgpv9L7olGjeaU32aWgNB0CWsIyAMbKWtz68d9rOI4...
Effective URL: https://www.intherooms.com/home/find-treatment-center/
Submission: On July 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 7 countries across 26 domains to perform 114 HTTP transactions. The main IP is 104.237.154.11, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.intherooms.com. The Cisco Umbrella rank of the primary domain is 756683.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 11th 2021. Valid for: a year.
This is the only time www.intherooms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
2 30 104.237.154.11 63949 (LINODE-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.79 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 35.159.35.35 16509 (AMAZON-02)
3 142.250.185.226 15169 (GOOGLE)
4 52.4.246.121 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 45.79.82.75 63949 (LINODE-AP...)
1 54.237.82.38 14618 (AMAZON-AES)
4 34.96.102.137 15169 (GOOGLE)
1 18.66.97.10 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.63 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.234.151.247 14618 (AMAZON-AES)
1 23.54.114.218 16625 (AKAMAI-AS)
3 23.20.158.212 14618 (AMAZON-AES)
1 18.66.139.40 16509 (AMAZON-02)
1 54.228.48.187 16509 (AMAZON-02)
2 52.42.83.23 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.19.184.31 16509 (AMAZON-02)
2 185.64.190.80 62713 (AS-PUBMATIC)
3 4 142.250.186.34 15169 (GOOGLE)
3 3 185.89.210.244 29990 (ASN-APPNEX)
2 35.71.131.137 16509 (AMAZON-02)
1 2 185.86.139.57 201081 (SMARTADSE...)
1 44.239.82.163 16509 (AMAZON-02)
1 34.217.170.183 16509 (AMAZON-02)
1 6 35.167.47.255 16509 (AMAZON-02)
2 2 52.50.96.246 16509 (AMAZON-02)
2 2 52.212.188.172 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 35.244.159.8 15169 (GOOGLE)
1 44.238.81.176 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
114 39
1    167.89.118.52 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net
url8038.updates.intherooms.com
30    104.237.154.11 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 104-237-154-11.ip.linodeusercontent.com
directory.intherooms.com
intherooms.com
www.intherooms.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    52.222.236.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-79.fra56.r.cloudfront.net
media-cdn.ipredictive.com
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.159.35.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-35-35.eu-central-1.compute.amazonaws.com
tags.w55c.net
3    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
4    52.4.246.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-246-121.compute-1.amazonaws.com
powerad.ai
4    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    45.79.82.75 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1181-75.members.linode.com
media.intherooms.com
1    54.237.82.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-82-38.compute-1.amazonaws.com
ad.ipredictive.com
4    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
static.hotjar.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
6    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
1    23.54.114.218 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-114-218.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
1    18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net
vars.hotjar.com
1    54.228.48.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-48-187.eu-west-1.compute.amazonaws.com
p.cpx.to
2    52.42.83.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-83-23.us-west-2.compute.amazonaws.com
a.ad.gt
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
3    52.19.184.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
s.cpx.to
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
3    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    44.239.82.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-82-163.us-west-2.compute.amazonaws.com
id.halo.ad.gt
1    34.217.170.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-170-183.us-west-2.compute.amazonaws.com
p.ad.gt
6    35.167.47.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-47-255.us-west-2.compute.amazonaws.com
ids.ad.gt
2    52.50.96.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-96-246.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    52.212.188.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-188-172.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    44.238.81.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-81-176.us-west-2.compute.amazonaws.com
pixels.ad.gt
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
Apex Domain
Subdomains		 Transfer
33 intherooms.com
url8038.updates.intherooms.com
directory.intherooms.com
intherooms.com — Cisco Umbrella Rank: 605431
www.intherooms.com — Cisco Umbrella Rank: 756683
media.intherooms.com
731 KB
11 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4592
id.halo.ad.gt — Cisco Umbrella Rank: 4817
p.ad.gt — Cisco Umbrella Rank: 5259
ids.ad.gt — Cisco Umbrella Rank: 4600
pixels.ad.gt — Cisco Umbrella Rank: 5098
33 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
maps.gstatic.com
535 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
157 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
maps.googleapis.com — Cisco Umbrella Rank: 322
228 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
23 KB
6 powerad.ai
powerad.ai — Cisco Umbrella Rank: 16368
reporting.powerad.ai — Cisco Umbrella Rank: 17855
48 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
192 KB
4 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9072
s.cpx.to — Cisco Umbrella Rank: 2286
5 KB
4 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5299
50 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 8
24 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 408
3 KB
3 brainlyads.com
hb.brainlyads.com — Cisco Umbrella Rank: 14728
195 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 488
image2.pubmatic.com — Cisco Umbrella Rank: 865
66 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
67 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 474
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 642
686 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1422
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
529 B
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 3718
1 KB
2 ipredictive.com
media-cdn.ipredictive.com — Cisco Umbrella Rank: 8322
ad.ipredictive.com — Cisco Umbrella Rank: 5557
7 KB
1 openx.net
u.openx.net — Cisco Umbrella Rank: 710
306 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 672
368 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 711
214 B
0 fullstory.com Failed
fullstory.com Failed
114 26
Domain Requested by
28 www.intherooms.com www.intherooms.com
7 maps.googleapis.com www.intherooms.com
maps.googleapis.com
6 ids.ad.gt 1 redirects www.intherooms.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 www.gstatic.com www.google.com
5 www.googletagmanager.com www.intherooms.com
www.googletagmanager.com
powerad.ai
4 cm.g.doubleclick.net 3 redirects www.intherooms.com
4 dev.visualwebsiteoptimizer.com www.intherooms.com
dev.visualwebsiteoptimizer.com
4 www.google.com www.intherooms.com
www.gstatic.com
www.google.com
4 powerad.ai www.intherooms.com
powerad.ai
3 secure.adnxs.com 3 redirects
3 s.cpx.to p.cpx.to
www.intherooms.com
3 hb.brainlyads.com powerad.ai
www.intherooms.com
3 fonts.gstatic.com fonts.googleapis.com
3 securepubads.g.doubleclick.net www.intherooms.com
securepubads.g.doubleclick.net
2 connect.facebook.net p.ad.gt
connect.facebook.net
2 match.prod.bidr.io 2 redirects
2 ad.360yield.com 2 redirects
2 sync.smartadserver.com 1 redirects www.intherooms.com
2 match.adsrvr.org www.intherooms.com
2 image2.pubmatic.com www.intherooms.com
2 maps.gstatic.com www.intherooms.com
2 a.ad.gt www.intherooms.com
p.ad.gt
2 reporting.powerad.ai powerad.ai
2 stats.g.doubleclick.net www.google-analytics.com
2 media.intherooms.com www.intherooms.com
2 tags.w55c.net 1 redirects www.intherooms.com
1 pixels.ad.gt p.ad.gt
1 u.openx.net www.intherooms.com
1 trc.taboola.com www.intherooms.com
1 token.rubiconproject.com www.intherooms.com
1 p.ad.gt a.ad.gt
1 id.halo.ad.gt a.ad.gt
1 p.cpx.to www.intherooms.com
1 vars.hotjar.com static.hotjar.com
1 ads.pubmatic.com www.intherooms.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.intherooms.com
1 ad.ipredictive.com www.intherooms.com
1 media-cdn.ipredictive.com www.intherooms.com
1 fonts.googleapis.com www.intherooms.com
1 intherooms.com 1 redirects
1 directory.intherooms.com 1 redirects
1 url8038.updates.intherooms.com 1 redirects
0 fullstory.com Failed www.intherooms.com
114 45
Subject Issuer Validity Valid
*.intherooms.com
Go Daddy Secure Certificate Authority - G2		 2021-08-11 -
2022-09-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.ipredictive.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
powerad.ai
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2022-07-04 -
2023-08-05		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2021-08-13 -
2022-09-14		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2021-11-25 -
2022-12-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
halo.ad.gt
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-19 -
2022-07-18		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.intherooms.com/home/find-treatment-center/
Frame ID: 08E35CF5823D970624D8BFD1AB85072F
Requests: 102 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 1B6E08C9A5C75EB3B854C415F5ADBB38
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: C82252916FF75C9AA8D32D5F586A4F0A
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: D21FA38B449F3BABA539F314E78834DB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf&co=aHR0cHM6Ly93d3cuaW50aGVyb29tcy5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=b3fkwg4lqqt4
Frame ID: 43821A80F4E9E7B87856873663DF50BF
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Frame ID: C4978C9487EE2C64D5CFF733F54AD310
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf
Frame ID: 89A2442A45E471C8EEB12CA9DB4BF951
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Find Addiction Treatment Centers & Addiction Doctors Near You

Page URL History Show full URLs

  1. http://url8038.updates.intherooms.com/ls/click?upn=K-2FKSuE9R1XER9MFjgULxTx8GU7tJCinhLLx3fVOTgpv9L7olGjeaU32aWgNB0... HTTP 302
    http://directory.intherooms.com/help/lead?lead_id=DigitalSignature HTTP 302
    http://intherooms.com/home/find-treatment-center/ HTTP 301
    https://www.intherooms.com/home/find-treatment-center/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

114
Requests

91 %
HTTPS

26 %
IPv6

26
Domains

45
Subdomains

39
IPs

7
Countries

2474 kB
Transfer

6211 kB
Size

52
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url8038.updates.intherooms.com/ls/click?upn=K-2FKSuE9R1XER9MFjgULxTx8GU7tJCinhLLx3fVOTgpv9L7olGjeaU32aWgNB0CWsIyAMbKWtz68d9rOI42FK7-2FZpowdSX-2FyEUZGtYdWoRgg-3DIvps_nI2ucydj68HeZEm0bUb-2BPXED2ujZggFt8ieaLBC0-2Fo7Ud1l1nsMSBC0w3B0CwOS4y-2FfS7JhRdvZZ7dKbkUnA3UmSwJAW-2Bc3aiUDNaAD20sx-2B6qJSxrIFeHr2YKwO9njR9c0ycfv-2BzUMwBG-2Bjrbc-2B5EbvJJtPPCMILUhqbb8swP7rtOXGhvJWG-2Blorr25TQ-2FD-2F-2FQI6gLsCmZT4jcqs2F255UZ6cvRqmdX2yNn9ygrbMQ-2BvquzRkkzuBmn760PaolZLPyWFosNfTZO9Yi5B0Lc-2Bep3Y-2BUvoEEGMZge1sbIavbctqKlC5UK8g17Mexz-2Fhm4dL3gjwYoy5wGWWSvM4RfsuNcbO5WOkncYkB66SYz73KtJhO6jMQUF85gMMlHZhARg4M2U0og5CqjyVfzt5z5T6ANfEc0unXRo1PwuCmZJfg-3D&c=E,1,nMsqigQc2pmmoqoUXnE1HxypQq_AfFzwRvDbgduf5S3xp5PpoCu2Ofb_Uqv65aRYPXoTlCB0HHz7-xUtEh_6vCprRdWHDmnBFQ4jmF80oxJaueKWe4KCEFIYwSs,&typo=1 HTTP 302
    http://directory.intherooms.com/help/lead?lead_id=DigitalSignature HTTP 302
    http://intherooms.com/home/find-treatment-center/ HTTP 301
    https://www.intherooms.com/home/find-treatment-center/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://tags.w55c.net/rs?id=077a817f5bdd4647914945dfd54adf5d&t=homepage HTTP 302
  • https://tags.w55c.net/rs?sccid=7f11c134-1ef1-3685-903f-77b99233abc5&scc=1&id=077a817f5bdd4647914945dfd54adf5d&t=homepage
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&google_gid=CAESEBVN0mVzeZwVA5rTLKi1uD0&google_cver=1
Request Chain 90
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.intherooms.com%252Fhome%252Ffind-treatment-center%252F%26hn_ver%3D40%26fid%3D4ed45e8f-0e94-4f80-85bd-eb78a852da13 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12967%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.intherooms.com%25252Fhome%25252Ffind-treatment-center%25252F%2526hn_ver%253D40%2526fid%253D4ed45e8f-0e94-4f80-85bd-eb78a852da13 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=1787537755160063918&pid=12967&ref=&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&hn_ver=40&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13
Request Chain 92
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D4ed45e8f-0e94-4f80-85bd-eb78a852da13&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&gdpr=0&cklb=1
Request Chain 95
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&adnxs_id=1787537755160063918
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001657566329-7TSW626E-ZNUX HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&google_gid=CAESEEbPNxgKvAuLNituO_fGhDw&google_cver=1&google_ula=450542624,0
Request Chain 99
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001657566329-7TSW626E-ZNUX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NzU2NjMyOS03VFNXNjI2RS1aTlVY
Request Chain 100
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001657566329-7TSW626E-ZNUX%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001657566329-7TSW626E-ZNUX%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&impr_uid=e061d2a7-795f-4957-8aac-0f7140d48a31
Request Chain 101
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001657566329-7TSW626E-ZNUX HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001657566329-7TSW626E-ZNUX&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGcQE7FmOkAAA8PlSHbHg&id=AU1D-0100-001657566329-7TSW626E-ZNUX

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.intherooms.com/home/find-treatment-center/
Redirect Chain
  • http://url8038.updates.intherooms.com/ls/click?upn=K-2FKSuE9R1XER9MFjgULxTx8GU7tJCinhLLx3fVOTgpv9L7olGjeaU32aWgNB0CWsIyAMbKWtz68d9rOI42FK7-2FZpowdSX-2FyEUZGtYdWoRgg-3DIvps_nI2ucydj68HeZEm0bUb-2BPXE...
  • http://directory.intherooms.com/help/lead?lead_id=DigitalSignature
  • http://intherooms.com/home/find-treatment-center/
  • https://www.intherooms.com/home/find-treatment-center/
105 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
07040463dd75395bbadca7ad41001d3347cd259ed7f6bf78738c7919a69611dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Jul 2022 19:05:26 GMT
Link
<https://www.intherooms.com/home/wp-json/>; rel="https://api.w.org/" <https://www.intherooms.com/home/wp-json/wp/v2/pages/65391>; rel="alternate"; type="application/json" <https://www.intherooms.com/home/?p=65391>; rel=shortlink
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 11 Jul 2022 19:05:25 GMT
Location
https://www.intherooms.com/home/find-treatment-center/
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
styles.css
www.intherooms.com/home/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Mar 2022 19:14:02 GMT
Server
nginx
ETag
W/"6226597a-aab"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
main.css
www.intherooms.com/home/wp-content/plugins/easy-gdpr-consent-mailchimp/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/easy-gdpr-consent-mailchimp/css/main.css?ver=1.0.1
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
4eaf5df0af2770d534d10ed2b4f1a8fafa3ff04a3147db854ba3d721df286299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Aug 2019 10:46:07 GMT
Server
nginx
ETag
W/"5d4808ef-eec"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
style.css
www.intherooms.com/home/wp-content/plugins/itr-testimonials/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/itr-testimonials/css/style.css?ver=1.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
db9e2a94f9f1ca3c67f7329db516c3b9e082a80636ae89016e8d6848d013308a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23 Aug 2019 07:51:54 GMT
Server
nginx
ETag
W/"5d5f9b1a-736"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT+Serif%3A400%2C400i%2C600%7CIBM+Plex+Serif%3A500
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d01d0ed33d145abdad96c63e65a72a0ac3874343f4a53d2308a010605467572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.intherooms.com/
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:58:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 19:05:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 19:05:26 GMT
style.css
www.intherooms.com/home/wp-content/themes/contentberg/ 		194 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/style.css?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
a937f3f0167edaa39003c91daed3f6e9316b4dbbf4a50967221f98bbd6fb2e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Nov 2020 10:59:58 GMT
Server
nginx
ETag
W/"5fb3ad2e-308e7"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
lightbox.css
www.intherooms.com/home/wp-content/themes/contentberg/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/css/lightbox.css?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
652876c64c94fddfefb323a90fb2de3f80c5a1eccf34ac91a3c6b9b7ad366e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 25 Sep 2018 18:19:00 GMT
Server
nginx
ETag
W/"5baa7c14-215d"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
font-awesome.min.css
www.intherooms.com/home/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.7
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
8cdc53975174314cc55ef7ca7ee80afbf80e724452e4b0fc7e4bea1e43ad4f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Aug 2019 10:46:43 GMT
Server
nginx
ETag
W/"5d480913-7793"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
jquery.min.js
www.intherooms.com/home/wp-includes/js/jquery/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 Aug 2021 18:44:51 GMT
Server
nginx
ETag
W/"61268fa3-15db1"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
jquery-migrate.min.js
www.intherooms.com/home/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Mar 2021 17:30:04 GMT
Server
nginx
ETag
W/"604a539c-2bd8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
main.js
www.intherooms.com/home/wp-content/plugins/easy-gdpr-consent-mailchimp/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/easy-gdpr-consent-mailchimp/js/main.js?ver=1.0.1
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
f82b2070d89fbd24a7727258f27c297483cc7338d74b57c1003db20a9e4e7ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Aug 2019 10:46:07 GMT
Server
nginx
ETag
W/"5d4808ef-3053"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
jquery.geocomplete.min.js
www.intherooms.com/home/wp-content/plugins/itr-directory/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/itr-directory/js/jquery.geocomplete.min.js?ver=6.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
82683c66b8c6eef5f089e0349a6801d7b98f1f46607167e04867ba983f1d3d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Oct 2019 15:43:25 GMT
Server
nginx
ETag
W/"5db0751d-221a"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
js
maps.googleapis.com/maps/api/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
a5739201f887b29e9c388abde422bb8ed703a25e201fed75c13da3bf6f53ad1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:26 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=19
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56206
x-xss-protection
0
expires
Mon, 11 Jul 2022 19:35:26 GMT
cirt_v2.min.js
media-cdn.ipredictive.com/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media-cdn.ipredictive.com/js/cirt_v2.min.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-79.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 00:55:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2016 03:48:58 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:501/gname:staff/uname:tpu/gid:20/mode:33188/mtime:1466480833/atime:1466480865/md5:06959ee0164f60e0f6954610590aff8e/ctime:1466480833
Age
65424
ETag
W/"06959ee0164f60e0f6954610590aff8e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P4
X-Amz-Cf-Id
obXcWyLyEDsJxUB7KfSSlvr2XjiJ7KT12sg5nRs12zpDbVEfzV1S4A==
js
www.googletagmanager.com/gtag/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a74fffeafacfdfb2788882a80fdae4280b11301ee3a6cf3bc91618c48b0fc896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34231
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:31:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 19:05:27 GMT
rs
tags.w55c.net/
Redirect Chain
  • https://tags.w55c.net/rs?id=077a817f5bdd4647914945dfd54adf5d&t=homepage
  • https://tags.w55c.net/rs?sccid=7f11c134-1ef1-3685-903f-77b99233abc5&scc=1&id=077a817f5bdd4647914945dfd54adf5d&t=homepage
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=7f11c134-1ef1-3685-903f-77b99233abc5&scc=1&id=077a817f5bdd4647914945dfd54adf5d&t=homepage
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Server
35.159.35.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-159-35-35.eu-central-1.compute.amazonaws.com
Software
Retargeting/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0aa046f85b99a54d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 19:05:27 GMT
Server
Retargeting/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0aa046f85b99a54d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 19:05:26 GMT
Server
Retargeting/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-046b02221141da501@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://tags.w55c.net/rs?sccid=7f11c134-1ef1-3685-903f-77b99233abc5&scc=1&id=077a817f5bdd4647914945dfd54adf5d&t=homepage
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
7aa152e37cc1423038f78f8d97dc5b8bc3b5c72cd02f4d1c0dfdea5ffc2602c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28118
x-xss-protection
0
server
sffe
etag
"1271 / 446 of 1000 / last-modified: 1657549801"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Jul 2022 19:05:27 GMT
script.js
powerad.ai/ 		197 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-246-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
9e629d2f148bc527e60bc2d24651d61753236b42fcdfff6f2ff27fed93094a3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 17:59:35 GMT
x-powered-by
Express
etag
W/"313b5-181ee6aa6b0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
api.js
www.google.com/recaptcha/ 		850 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Mon, 11 Jul 2022 19:05:27 GMT
ITR_logo_new@2x.png
www.intherooms.com/home/wp-content/uploads/2019/08/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intherooms.com/home/wp-content/uploads/2019/08/ITR_logo_new@2x.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
946f2fe9f1d495a92439f565ea3c0a553132d8156ce6eb778549cc2e97598af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Aug 2019 11:07:34 GMT
Server
nginx
ETag
"5d480df6-e16a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57706
X-XSS-Protection
1; mode=block
ITR_logo_new-resize70px-height.png
www.intherooms.com/home/wp-content/uploads/2019/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intherooms.com/home/wp-content/uploads/2019/08/ITR_logo_new-resize70px-height.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
4f188ba5ef3a034479c012bfacaac35b033b2e82ce7af131ae3e8204bd2b3a9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Aug 2019 14:32:28 GMT
Server
nginx
ETag
"5d5ea77c-2cd0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11472
X-XSS-Protection
1; mode=block
map-trs.png
www.intherooms.com/home/wp-content/uploads/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intherooms.com/home/wp-content/uploads/images/map-trs.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
51d3390cc965691d01d9c2854d2a19e60e004ef59bd8efb638f28cf0ffb124f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 31 Oct 2019 15:20:22 GMT
Server
nginx
ETag
"5dbafbb6-15f7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5623
X-XSS-Protection
1; mode=block
apple-app-store.png
media.intherooms.com/images/public/apps/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.intherooms.com/images/public/apps/apple-app-store.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.82.75 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1181-75.members.linode.com
Software
nginx/1.16.1 /
Resource Hash
72b78920fbaf8cbf8c6f0e60133689b6e440b9b0a69dab9be88de0f04cc373ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Last-Modified
Sat, 23 Mar 2019 04:13:44 GMT
Server
nginx/1.16.1
ETag
"5c95b278-10fc"
Content-Type
image/png
Cache-Control
max-age=604800, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4348
Expires
Mon, 18 Jul 2022 19:05:27 GMT
google-play-store.png
media.intherooms.com/images/public/apps/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.intherooms.com/images/public/apps/google-play-store.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.82.75 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1181-75.members.linode.com
Software
nginx/1.16.1 /
Resource Hash
047103f333be819987c8e5d91c13510244c0e6260b11bd230ccaadc46e253030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Last-Modified
Sat, 23 Mar 2019 04:13:44 GMT
Server
nginx/1.16.1
ETag
"5c95b278-1325"
Content-Type
image/png
Cache-Control
max-age=604800, public, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4901
Expires
Mon, 18 Jul 2022 19:05:27 GMT
regenerator-runtime.min.js
www.intherooms.com/home/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 May 2022 04:00:21 GMT
Server
nginx
ETag
W/"628da9d5-194b"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
wp-polyfill.min.js
www.intherooms.com/home/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 May 2022 04:00:21 GMT
Server
nginx
ETag
W/"628da9d5-4ac6"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
index.js
www.intherooms.com/home/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Mar 2022 19:14:02 GMT
Server
nginx
ETag
W/"6226597a-25f8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
magnific-popup.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/magnific-popup.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 27 Sep 2018 18:31:49 GMT
Server
nginx
ETag
W/"5bad2215-4ef8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
jquery.fitvids.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/jquery.fitvids.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
94a82b1a138fa5d52f95bca894904e57a7ba5d89275712792e34c6192aeaddba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 16 Sep 2018 02:54:10 GMT
Server
nginx
ETag
W/"5b9dc5d2-873"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
imagesloaded.min.js
www.intherooms.com/home/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Nov 2020 12:40:26 GMT
Server
nginx
ETag
W/"5fb3c4ba-15fd"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
object-fit-images.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/object-fit-images.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 16 Sep 2018 02:45:58 GMT
Server
nginx
ETag
W/"5b9dc3e6-cda"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
theme.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/theme.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
0614edd6fa88c0535d3c7cbad1c7c7f7f613a3d49d359193a17633c977edcfe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Nov 2020 10:36:31 GMT
Server
nginx
ETag
W/"5fb3a7af-bb34"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
theia-sticky-sidebar.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/theia-sticky-sidebar.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
29e23646a639746b95623aef060574c65b55f7531cf6502b7fc0d6a245568476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 01:44:07 GMT
Server
nginx
ETag
W/"5bc936e7-1611"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
jquery.slick.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/jquery.slick.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
2d199fc8a0cad1784b67a93991b7f1e9e97eaadaf3cdf334eca5a98fb43eb0ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Sep 2018 02:02:48 GMT
Server
nginx
ETag
W/"5b8f3948-9e0d"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
jarallax.js
www.intherooms.com/home/wp-content/themes/contentberg/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/themes/contentberg/js/jarallax.js?ver=1.8.3
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
a8680939292053c808260c3dfa05f9257b6940c0da273f26ad3fc969e53f84f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 19 Oct 2018 16:41:08 GMT
Server
nginx
ETag
W/"5bca0924-3d35"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
wp-emoji-release.min.js
www.intherooms.com/home/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 May 2022 04:00:21 GMT
Server
nginx
ETag
W/"628da9d5-48b9"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.intherooms.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
pixel
ad.ipredictive.com/d/rt/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/rt/pixel?uuid=72e4028b-2a2b-4bef-8075-728efb7baf7e&rtsite_id=44787&sdk_src=js&ts=1657566327&rr=46050719343205504&sdkv=1.0.0-beta&res=1600x1200&cookie=1&ref=&dloc=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ds=1&xp_pdf=1&xp_qt=0&xp_realp=0&xp_wma=0&xp_dir=0&xp_fla=0&xp_java=0&xp_gears=0&xp_ag=0&event=pageview&ev_pageview=%7B%22url%22%3A%22https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F%22%2C%22title%22%3A%22Find%20Addiction%20Treatment%20Centers%20%26%20Addiction%20Doctors%20Near%20You%22%7D
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.82.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-82-38.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Connection
keep-alive
Content-Length
631
X-CI-RTID
6d0d3e09-014c-11ed-8342-7383e55b7e84
Content-Type
image/jpeg
j.php
dev.visualwebsiteoptimizer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=512181&u=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&f=1&r=0.5219378613351291
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
95197d6970141f7bb9c4c1c7c1decfe205e447626f5edd31f165b97d8611e285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 19:05:26 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
hotjar-1712336.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1712336.js?sv=6
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
2b4319c316952587d47e69d391d07e2a1440a9a3de95139ef4d99c47b158ca66
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
12
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/08d2cc9e15911bdd50fb8bc315896c3e
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
6H5FgSUVua_16kkVxAdKghq2XF12au9oswhmBRlNKkG3YLpP_Ddzsw==
fs.js
fullstory.com/s/ 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT+Serif%3A400%2C400i%2C600%7CIBM+Plex+Serif%3A500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:56:05 GMT
x-content-type-options
nosniff
age
22162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 12:56:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT+Serif%3A400%2C400i%2C600%7CIBM+Plex+Serif%3A500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 19:07:55 GMT
x-content-type-options
nosniff
age
604652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 19:07:55 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.intherooms.com/
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 14:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 14:40:43 GMT
map.png
www.intherooms.com/home/wp-content/uploads/images/ 		360 KB
361 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intherooms.com/home/wp-content/uploads/images/map.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
138bc54f841826a4124ec505372e857dcacf10ab345d78f6c6ad56c2c45b012e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/home/find-treatment-center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 31 Oct 2019 15:20:25 GMT
Server
nginx
ETag
"5dbafbb9-5a139"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
368953
X-XSS-Protection
1; mode=block
fontawesome-webfont.woff2
www.intherooms.com/home/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.intherooms.com/home/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.237.154.11 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
104-237-154-11.ip.linodeusercontent.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intherooms.com/home/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.7
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Aug 2019 10:46:43 GMT
Server
nginx
ETag
"5d480913-12d68"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
X-XSS-Protection
1; mode=block
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT+Serif%3A400%2C400i%2C600%7CIBM+Plex+Serif%3A500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 08:45:42 GMT
x-content-type-options
nosniff
age
555585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 08:45:42 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155894624-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3469e2a20ee40dc3fe99d4d6835405f3b69b7fc3954a14e2b6377c9e8d7f98df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40407
x-xss-protection
0
expires
Mon, 11 Jul 2022 19:05:27 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155894624-4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b6fd315648b63c0c69aba90f8935c132ed9259192022796eb285c0fc36b8950b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40408
x-xss-protection
0
expires
Mon, 11 Jul 2022 19:05:27 GMT
pubads_impl_2022063001.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 18:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2520
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130816
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Jul 2023 18:23:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		76 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.intherooms.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d367194b4f8f26c95b655970de497ddc05605f820d09e402b40e9a827fe89666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75
x-xss-protection
0
expires
Mon, 11 Jul 2022 19:05:27 GMT
tag-7336ee5f726636095024f6bd41f470e8.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 		168 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7336ee5f726636095024f6bd41f470e8.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=512181&u=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&f=1&r=0.5219378613351291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
42c85a104da068129e843b3c05ce6968fc26dfec62817f54c31c8901b6e22e13

Request headers

Referer
https://www.intherooms.com/
Origin
https://www.intherooms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
br
last-modified
Mon, 11 Jul 2022 10:53:49 GMT
server
gams1
etag
"62cc013d-bcd7"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48343
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=512181&d=intherooms.com&u=DEB4FFA1FBC143FB4EC2BD73625F580E0&h=aee063d116c6548658b3dce62d082f27&t=false&r=0.4765782041596751
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:27 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
modules.e691815239005b70eaea.js
script.hotjar.com/ 		244 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e691815239005b70eaea.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1712336.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
57f0421ad8d70e1ec4ab2c3792d7b639374cc5bc4beaf4981c0213064ecb206b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 10:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
291321
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64296
access-control-allow-origin
*
last-modified
Fri, 08 Jul 2022 10:09:36 GMT
etag
"4e9d16d4891a5e370135a06bad021c1b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ikw9gPZ7md1h91Ez5Sb6CyJ5wK9lb-DoKQpCbkk5dk2HMtKEY9OcNQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155894624-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
559
date
Mon, 11 Jul 2022 18:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Jul 2022 20:56:08 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		859 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=512181&settings_type=1&vn=7.0&r=0.4750110212006773
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-7336ee5f726636095024f6bd41f470e8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gams1 /
Resource Hash
9fe336282aa2cb93d2c048436e722b13db226575002078ba2636223cc0deae21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:26 GMT
via
1.1 google
server
gams1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=828278001&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ul=en-us&de=UTF-8&dt=Find%20Addiction%20Treatment%20Centers%20%26%20Addiction%20Doctors%20Near%20You&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1614773294&gjid=2072457557&cid=90195332.1657566328&tid=UA-155894624-1&_gid=1285188777.1657566328&_r=1&gtm=2ou760&z=1189448237
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intherooms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=828278001&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ul=en-us&de=UTF-8&dt=Find%20Addiction%20Treatment%20Centers%20%26%20Addiction%20Doctors%20Near%20You&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=2123712264&gjid=652911613&cid=90195332.1657566328&tid=UA-155894624-4&_gid=1285188777.1657566328&_r=1&gtm=2ou760&z=527086725
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intherooms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-155894624-4&cid=90195332.1657566328&jid=2123712264&gjid=652911613&_gid=1285188777.1657566328&_u=YEDAAUABAAAAAC~&z=1613802864
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jul 2022 19:05:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.intherooms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-155894624-1&cid=90195332.1657566328&jid=1614773294&gjid=2072457557&_gid=1285188777.1657566328&_u=YEBAAUAAAAAAAC~&z=1553945486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jul 2022 19:05:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.intherooms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
reporting.powerad.ai/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
223 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-246-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-246-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
/
powerad.ai/pubPls/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.246.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-246-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5207a691bc15a91adc7782da22129c27eadfff7477f38a526d14ffad93344551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"32de-X48Vwhjb9kpj++sH88g40pB2DKA"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.intherooms.com
access-control-allow-credentials
true
access-control-allow-headers
*
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 1B6E 		214 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.114.218 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-114-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5bc392c095dcf77649ba600570ea1629ada87be6c1c7fccc775ede9bbfa96b07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 17:37:18 GMT
server
Apache/2.2.15 (CentOS)
etag
"10a1110-359bd-5e066573c5510"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=127780
accept-ranges
bytes
content-type
text/javascript
content-length
67198
expires
Wed, 13 Jul 2022 06:35:08 GMT
pbjs_wrapper.v1.1.js
hb.brainlyads.com/ Frame C822 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46b8b5c8edc468cfc2b98f749ac9625de1731f8082d1bf1840dc7f4dd973c551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 11:32:41 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62ab14d9-9714"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Wed, 13 Jul 2022 19:05:28 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame D21F 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
01d3eaab7f68119b5d7a50ddaf0cf653880942abd70647cc1feb6d492cc880d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 13:49:15 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6290d6db-b2f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Wed, 13 Jul 2022 19:05:28 GMT
anchor
www.google.com/recaptcha/api2/ Frame 4382 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf&co=aHR0cHM6Ly93d3cuaW50aGVyb29tcy5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=b3fkwg4lqqt4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
802987e296716f5759f07c9379f7bbaa1ab0da2520224bc21bd0520da197b259
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iFbSoIluPRFYDo6BEDaFCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intherooms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22817
content-security-policy
script-src 'report-sample' 'nonce-iFbSoIluPRFYDo6BEDaFCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 19:05:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
common.js
maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/ 		244 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cf3cc83d74f30e6980f3410197eb9b27887e724cf4cd4eb24079847d0785d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 19:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68940
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Jul 2023 19:19:26 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/ 		155 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eae41d0016162992ec7f5b5c0449f46cb3ae90ed6bec011bfc27f9ccf4fec64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 19:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58605
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Jul 2023 19:19:26 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7fcb8673cc7b746d018251637da19b7f8bade1ca3881aef71f25ad65f6ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 11:22:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27494
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 11:22:23 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f442ecc9bcc7854c65135920ec73a25ad8d5fda6d682d87a1568c8c609d35bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 19:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17631
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Jul 2023 19:19:45 GMT
geocoder.js
maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/8/intl/de_ALL/geocoder.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCehke7XKLi1D6FVDUanfHtzfSVJRrOIHQ&libraries=places&ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56853f323794554e7d2de1144df94eca063d87411300faf0edf12768b845875e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 19:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2206
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 18:31:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Jul 2023 19:19:26 GMT
box-5e0db0f25ef573fe233efc0372d38d69.html
vars.hotjar.com/ Frame C497 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1712336.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-40.fra60.r.cloudfront.net
Software
/
Resource Hash
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.intherooms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
370460
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Jul 2022 12:11:07 GMT
etag
"247bae6bc5dfc2c9bd258e7b3935cacc"
last-modified
Thu, 07 Jul 2022 12:11:03 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-cf-id
y_v6CUjMTERrgbDYGuJQY_4lQct3LLejwINZh05vTnxix010bdOc1g==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
js
www.googletagmanager.com/gtag/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199748785-43
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fc72c056e621d7bdbfd28cf297281a20a38fc56f87aac8acad118778fcfa244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40333
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:07:15 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 19:05:27 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199748785-43&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45416ba0d918c8925ade38948f8be8f39ab7305c08c8195cfabea03dee75dcb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40336
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:07:15 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 19:05:27 GMT
px.js
p.cpx.to/p/12967/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12967/px.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.48.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-48-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
351b1496745e158b36aac361501a38d26ba863ae13ddab96eee9ada2587428c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 19:05:27 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1769
Content-Type
application/javascript; charset=UTF-8
251
a.ad.gt/api/v1/u/matches/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ref=
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.83.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-83-23.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
dd1751bf0c3dc40699bb240b93d801d3843ed5d4c6a8cdf4d19afabf428cedf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 19:05:28 GMT
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-length
8644
content-type
application/javascript
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 4382 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf&co=aHR0cHM6Ly93d3cuaW50aGVyb29tcy5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=b3fkwg4lqqt4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 16:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 16:11:21 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 4382 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf&co=aHR0cHM6Ly93d3cuaW50aGVyb29tcy5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=b3fkwg4lqqt4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 14:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 14:40:43 GMT
prebid.js
hb.brainlyads.com/ Frame 1B6E 		569 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81746464e3633248326b98acbce210c5c4047885eb04e8718ea583b56f51ec97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 15:11:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"627297b3-8e360"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Wed, 13 Jul 2022 19:05:28 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=828278001&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ul=en-us&de=UTF-8&dt=Find%20Addiction%20Treatment%20Centers%20%26%20Addiction%20Doctors%20Near%20You&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=440965364&gjid=1761823322&cid=90195332.1657566328&tid=UA-199748785-43&_gid=1285188777.1657566328&_r=1&gtm=2ou760&z=312213361
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intherooms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1616
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 11 Jul 2022 19:05:28 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3351
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Mon, 11 Jul 2022 19:05:28 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 4382 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf&co=aHR0cHM6Ly93d3cuaW50aGVyb29tcy5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=b3fkwg4lqqt4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf&co=aHR0cHM6Ly93d3cuaW50aGVyb29tcy5jb206NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=b3fkwg4lqqt4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Mon, 11 Jul 2022 19:05:28 GMT
bframe
www.google.com/recaptcha/api2/ Frame 89A2 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1678ce11ee7cf7f75e41f95b61231dbc8268655ccd0a33372a756fbfc9cd334a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-90TOjKE-TXLNEmo-M_gw_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intherooms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1111
content-security-policy
script-src 'report-sample' 'nonce-90TOjKE-TXLNEmo-M_gw_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 19:05:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fire.js
s.cpx.to/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12967&ref=&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&hn_ver=40&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4d9da3f544901a197762dccebf7a8b3b70b12609a275a383dad9e92d0f135edf
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 11 Jul 2022 19:05:28 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
881
Expires
Mon, 11 Jul 2022 15:22:25 UTC
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 89A2 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 16:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 16:11:21 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 89A2 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lfwk3cUAAAAAPUAFXpUGmIZGCsB24-6bqUlWkZf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 14:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 14:40:43 GMT
UCookieSetPug
image2.pubmatic.com/AdServer/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4ed45e8f-0e94-4f80-85bd-eb78a852da13
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&google_gid=CAESEBVN0mVzeZwVA5rTLKi1uD0&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&google_gid=CAESEBVN0mVzeZwVA5rTLKi1uD0&google_cver=1
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 11 Jul 2022 19:05:28 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&google_gid=CAESEBVN0mVzeZwVA5rTLKi1uD0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.intherooms.com%252Fhome%252Ffind-treatment-center%25...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12967%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.intheroo...
  • https://s.cpx.to/an_fire?app_nexus_uid=1787537755160063918&pid=12967&ref=&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&hn_ver=40&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13
95 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=1787537755160063918&pid=12967&ref=&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&hn_ver=40&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 11 Jul 2022 19:05:28 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 19:05:28 GMT
X-Proxy-Origin
37.58.57.3; 37.58.57.3; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6cf03700-4bb3-4106-9cdb-0697d7bd66a9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=1787537755160063918&pid=12967&ref=&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&hn_ver=40&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D4ed45e8f-0e94-4f80-85bd-eb78a852da13&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&gdpr=0&cklb=1
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ed45e8f-0e94-4f80-85bd-eb78a852da13&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
251
id.halo.ad.gt/api/v1/partner/ 		52 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.halo.ad.gt/api/v1/partner/251?sync=1&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.82.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-82-163.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
686c01797df9bf94791eee8c630cb39975bb0236a4039d8575ac206da7d91890

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
content-encoding
gzip
origin-trial
server
nginx/1.20.0
content-type
text/javascript; charset=UTF-8
251
p.ad.gt/api/v1/p/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/251?au_id=AU1D-0100-001657566329-7TSW626E-ZNUX
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-183.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
12c2ce44432cd55b3f6823094672dcba662285a9ec7dec942f0409f75243cc27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 08:22:20 GMT
server
nginx/1.20.0
etag
W/"1657268540.0-39352-2710964840"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
expires
Tue, 12 Jul 2022 07:05:29 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&adnxs_id=1787537755160063918
43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&adnxs_id=1787537755160063918
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Server
35.167.47.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-47-255.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Tue, 12 Jul 2022 07:05:29 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 19:05:28 GMT
X-Proxy-Origin
37.58.57.3; 37.58.57.3; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1c87ca3b-b44f-4219-b86b-ea489d30273f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&adnxs_id=1787537755160063918
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001657566329-7TSW626E-ZNUX&gdpr=0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
UCookieSetPug
image2.pubmatic.com/AdServer/ 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001657566329-7TSW626E-ZNUX
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001657566329-7TSW626E-ZNUX
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&google_gid=CAESEEbPNxgKvAuLNituO_fGhDw&google_cver=1&google_ula=450542624,0
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&google_gid=CAESEEbPNxgKvAuLNituO_fGhDw&google_cver=1&google_ula=450542624,0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Server
35.167.47.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-47-255.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Tue, 12 Jul 2022 07:05:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&google_gid=CAESEEbPNxgKvAuLNituO_fGhDw&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001657566329-7TSW626E-ZNUX
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NzU2NjMyOS03VFNXNjI2RS1aTlVY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NzU2NjMyOS03VFNXNjI2RS1aTlVY
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1NzU2NjMyOS03VFNXNjI2RS1aTlVY
date
Mon, 11 Jul 2022 19:05:29 GMT
server
nginx/1.20.0
content-length
473
content-type
text/html; charset=utf-8
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001657566329-7TSW626E-ZNUX%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001657566329-7TSW626E-ZNUX%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&impr_uid=e061d2a7-795f-4957-8aac-0f7140d48a31
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&impr_uid=e061d2a7-795f-4957-8aac-0f7140d48a31
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Server
35.167.47.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-47-255.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Tue, 12 Jul 2022 07:05:29 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&impr_uid=e061d2a7-795f-4957-8aac-0f7140d48a31
date
Mon, 11 Jul 2022 19:05:28 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001657566329-7TSW626E-ZNUX
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001657566329-7TSW626E-ZNUX&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGcQE7FmOkAAA8PlSHbHg&id=AU1D-0100-001657566329-7TSW626E-ZNUX
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGcQE7FmOkAAA8PlSHbHg&id=AU1D-0100-001657566329-7TSW626E-ZNUX
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Server
35.167.47.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-47-255.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Tue, 12 Jul 2022 07:05:29 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGcQE7FmOkAAA8PlSHbHg&id=AU1D-0100-001657566329-7TSW626E-ZNUX
Date
Mon, 11 Jul 2022 19:05:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
token
token.rubiconproject.com/ 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001657566329-7TSW626E-ZNUX&gdpr=0
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cm
trc.taboola.com/sg/audigent/1/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001657566329-7TSW626E-ZNUX
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1657566329.732556,VS0,VE9
x-served-by
cache-fra19128-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cm
u.openx.net/w/1.0/ 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001657566329-7TSW626E-ZNUX%26auid%3DAU1D-0100-001657566329-7TSW626E-ZNUX
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 19:05:28 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
halo_match
ids.ad.gt/api/v1/ 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001657566329-7TSW626E-ZNUX&halo_id=060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oik0mggk4e4s4ou04gu0oeow6sy
Requested by
Host: www.intherooms.com
URL: https://www.intherooms.com/home/find-treatment-center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.47.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-47-255.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Tue, 12 Jul 2022 07:05:29 GMT
collect
a.ad.gt/api/v1/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251?au_id=AU1D-0100-001657566329-7TSW626E-ZNUX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.83.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-83-23.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.intherooms.com
date
Mon, 11 Jul 2022 19:05:29 GMT
server
nginx/1.20.0
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=c5a8d7eee70072193f1b20f1a2fe32eb&url=https%3A%2F%2Fwww.intherooms.com%2Fhome%2Ffind-treatment-center%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251?au_id=AU1D-0100-001657566329-7TSW626E-ZNUX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.81.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-81-176.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:05:30 GMT
server
nginx/1.20.0
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251?au_id=AU1D-0100-001657566329-7TSW626E-ZNUX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
exVs9lY6/b8OKLfJtbz9oJDiabu1crCI50mc+5qn7nGZzMU0oC4WW9/epA22Se46f/KE+3GdwgBID5aSy4KtEw==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 11 Jul 2022 19:05:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 11 Jul 2022 20:02:39 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 18:50:00 GMT
x-content-type-options
nosniff
age
929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2779
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 11 Jul 2022 19:50:00 GMT
/
reporting.powerad.ai/ 		2 B
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.intherooms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jul 2022 19:05:29 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
1853083501571805
connect.facebook.net/signals/config/ 		294 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df7657c8e4ed81f913a0ec32877f6765e26110411e573872359f221a2ff2f450
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intherooms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87052
x-xss-protection
0
pragma
public
x-fb-debug
YVA1zz9PZia4DClFXwLhaMwpDEz9ClxyVqiSG+5WeuDuM49tJZr+BRH/DykyPKqG4vPeJYA0nsAaMY3F6Ybu6w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 11 Jul 2022 19:05:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fullstory.com
URL
https://fullstory.com/s/fs.js

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings object| Sphere_Plugin undefined| $ function| jQuery object| EGCF_Plugin function| EGCF_Form object| tingle object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| ciads_settings object| _caq object| Ci number| onloadDateTime object| unloadDateTime boolean| navGeoSupported object| citracker_ref object| plugins object| documentAlias object| navigatorAlias object| screenAlias object| windowAlias string| locationHrefAlias string| locationHostnameAlias boolean| hasLoaded object| registeredOnLoadHandlers object| info_demographics string| SDK_VERSION number| settings_timer number| _vwo_settings_timer object| _vwo_code function| hj object| _hjSettings function| gtag object| dataLayer object| googletag boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| change_image function| hide_image object| runtime object| regeneratorRuntime object| google_tag_manager object| ggeac object| google_tag_data object| google_js_reporting_queue function| setImmediate function| clearImmediate object| wpcf7 number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp function| EvEmitter function| imagesLoaded object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| gaplugins object| gaGlobal object| gaData function| objectFitImages object| recaptcha object| Bunyad object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| Bunyad_Theme object| Bunyad_Share_Float object| Bunyad_Pagination function| jarallax object| pa_prebid_fw object| pa_pbjs_fw1.1 object| pa_pbjs_fw2.0 object| closure_lm_505440 function| _pa_adjust_col string| captify_kw_query_12967 object| refCatKv object| twemoji object| wp object| __e3_ object| pa_pbjs_fw object| auvars boolean| __halo__loaded__ string| __sync__call__ object| au function| docReady object| autag function| fbq function| _fbq

52 Cookies

Domain/Path Name / Value
.w55c.net/ Name: wfivefivec
Value: 1D23fXFj1OaYIL2
.intherooms.com/ Name: _vwo_uuid_v2
Value: DEB4FFA1FBC143FB4EC2BD73625F580E0|aee063d116c6548658b3dce62d082f27
.intherooms.com/ Name: _vis_opt_s
Value: 1%7C
.intherooms.com/ Name: _vis_opt_test_cookie
Value: 1
.intherooms.com/ Name: _ga
Value: GA1.2.90195332.1657566328
.intherooms.com/ Name: _gid
Value: GA1.2.1285188777.1657566328
.intherooms.com/ Name: _gat_gtag_UA_155894624_1
Value: 1
.intherooms.com/ Name: _gat_gtag_UA_155894624_4
Value: 1
.ipredictive.com/ Name: cu
Value: 6d0d3e08-014c-11ed-8342-7383e55b7e84|1657566327708
.ipredictive.com/ Name: ci_rtc
Value: _uts=1657566327
powerad.ai/ Name: 12940dcr-g
Value: 1
powerad.ai/ Name: 13127dcr-g
Value: 1
.intherooms.com/ Name: _hjSessionUser_1712336
Value: eyJpZCI6ImVkNWM1MzVkLTdjODAtNTMwMy1hZDg5LTdjNzc2MmQ0MmFlOCIsImNyZWF0ZWQiOjE2NTc1NjYzMjc1NTYsImV4aXN0aW5nIjpmYWxzZX0=
.intherooms.com/ Name: _hjFirstSeen
Value: 1
www.intherooms.com/ Name: _hjIncludedInSessionSample
Value: 0
.intherooms.com/ Name: _hjSession_1712336
Value: eyJpZCI6IjE0NzE2NmVjLWI1MzctNDNjYi1iNzI5LTU4NTEzMGNhOWE4NCIsImNyZWF0ZWQiOjE2NTc1NjYzMjc4OTgsImluU2FtcGxlIjpmYWxzZX0=
.intherooms.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.intherooms.com/ Name: _gat_gtag_UA_199748785_43
Value: 1
.cpx.to/ Name: cpSess
Value: 425292d2b0c83baa
.adnxs.com/ Name: uuid2
Value: 1787537755160063918
.doubleclick.net/ Name: IDE
Value: AHWqTUnSzM1h34ycP6quprfOpbDWjv5EoSaAcJqvzEh_ZzPk4c_rK3QF1wSkZASWnzE
.cpx.to/ Name: dsp_dbm
Value: CAESEBVN0mVzeZwVA5rTLKi1uD0#1657566328422
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 8337792558634023379
.ad.gt/ Name: au_idmatch
Value: eyJhcG4iOiAxNjU3NTY2MzI4NTc0LCAidHRkIjogMTY1NzU2NjMyODU3NCwgInB1YiI6IDE2NTc1NjYzMjg1NzQsICJhZHgiOiAxNjU3NTY2MzI4NTc0LCAiZ29vIjogMTY1NzU2NjMyODU3NCwgImltcHIiOiAxNjU3NTY2MzI4NTc0LCAiYmVlcyI6IDE2NTc1NjYzMjg1NzQsICJydWIiOiAxNjU3NTY2MzI4NTc0LCAidGFib29sYSI6IDE2NTc1NjYzMjg1NzQsICJvcGVueCI6IDE2NTc1NjYzMjg1NzQsICJtZWRpYW1hdGgiOiAxNjU3NTY2MzI4NTc0LCAic29uIjogMTY1NzU2NjMyODU3NCwgInBwbnQiOiAxNjU3NTY2MzI4NTc0LCAidW5ydWx5IjogMTY1NzU2NjMyODU3NCwgImFkbyI6IDE2NTc1NjYzMjg1NzQsICJzbWFydCI6IDE2NTc1NjYzMjg1NzR9
.intherooms.com/ Name: _au_1d
Value: AU1D-0100-001657566329-7TSW626E-ZNUX
.intherooms.com/ Name: _au_last_seen_apn
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_ttd
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_pub
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_adx
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_goo
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_impr
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_bees
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_rub
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_taboola
Value: 1657566328662
.intherooms.com/ Name: _au_last_seen_openx
Value: 1657566328662
.360yield.com/ Name: tuuid
Value: e061d2a7-795f-4957-8aac-0f7140d48a31
.360yield.com/ Name: tuuid_lu
Value: 1657566328
.bidr.io/ Name: bito
Value: AAGcQE7FmOkAAA8PlSHbHg
.bidr.io/ Name: bitoIsSecure
Value: ok
.ad.gt/ Name: last_seenadx
Value: 1657566329165
.ad.gt/ Name: au_id
Value: AU1D-0100-001657566329-7TSW626E-ZNUX
.ad.gt/ Name: first_seenadx
Value: 1657566329165
.ad.gt/ Name: last_seenimprove
Value: 1657566329172
.ad.gt/ Name: last_seenadnxs
Value: 1657566329175
.ad.gt/ Name: first_seenadnxs
Value: 1657566329175
.ad.gt/ Name: last_seenbeeswax
Value: 1657566329175
.ad.gt/ Name: last_seeng_hosted
Value: 1657566329180
.ad.gt/ Name: g_hosted
Value:
.ad.gt/ Name: last_seenhaloid
Value: 1657566329357
.ad.gt/ Name: first_seenhaloid
Value: 1657566329357

3 Console Messages

Source Level URL
Text
javascript error URL: https://www.intherooms.com/home/find-treatment-center/
Message:
Access to script at 'https://fullstory.com/s/fs.js' from origin 'https://www.intherooms.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fullstory.com/s/fs.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4ed45e8f-0e94-4f80-85bd-eb78a852da13
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.360yield.com
ad.ipredictive.com
ads.pubmatic.com
cm.g.doubleclick.net
connect.facebook.net
dev.visualwebsiteoptimizer.com
directory.intherooms.com
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
hb.brainlyads.com
id.halo.ad.gt
ids.ad.gt
image2.pubmatic.com
intherooms.com
maps.googleapis.com
maps.gstatic.com
match.adsrvr.org
match.prod.bidr.io
media-cdn.ipredictive.com
media.intherooms.com
p.ad.gt
p.cpx.to
pixels.ad.gt
powerad.ai
reporting.powerad.ai
s.cpx.to
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
sync.smartadserver.com
tags.w55c.net
token.rubiconproject.com
trc.taboola.com
u.openx.net
url8038.updates.intherooms.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.intherooms.com
fullstory.com
104.237.154.11
142.250.185.226
142.250.186.34
167.89.118.52
18.66.139.40
18.66.97.10
185.64.190.80
185.86.139.57
185.89.210.244
23.20.158.212
23.54.114.218
2a00:1450:4001:800::2004
2a00:1450:4001:803::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:400c:c08::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:200::300
34.217.170.183
34.96.102.137
35.159.35.35
35.167.47.255
35.244.159.8
35.71.131.137
44.238.81.176
44.239.82.163
45.79.82.75
52.19.184.31
52.212.188.172
52.222.236.63
52.222.236.79
52.4.246.121
52.42.83.23
52.50.96.246
54.228.48.187
54.234.151.247
54.237.82.38
69.173.144.138
01d3eaab7f68119b5d7a50ddaf0cf653880942abd70647cc1feb6d492cc880d5
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
047103f333be819987c8e5d91c13510244c0e6260b11bd230ccaadc46e253030
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0614edd6fa88c0535d3c7cbad1c7c7f7f613a3d49d359193a17633c977edcfe7
07040463dd75395bbadca7ad41001d3347cd259ed7f6bf78738c7919a69611dc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
12c2ce44432cd55b3f6823094672dcba662285a9ec7dec942f0409f75243cc27
138bc54f841826a4124ec505372e857dcacf10ab345d78f6c6ad56c2c45b012e
1678ce11ee7cf7f75e41f95b61231dbc8268655ccd0a33372a756fbfc9cd334a
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
29e23646a639746b95623aef060574c65b55f7531cf6502b7fc0d6a245568476
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4319c316952587d47e69d391d07e2a1440a9a3de95139ef4d99c47b158ca66
2d199fc8a0cad1784b67a93991b7f1e9e97eaadaf3cdf334eca5a98fb43eb0ee
3469e2a20ee40dc3fe99d4d6835405f3b69b7fc3954a14e2b6377c9e8d7f98df
351b1496745e158b36aac361501a38d26ba863ae13ddab96eee9ada2587428c2
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3cf3cc83d74f30e6980f3410197eb9b27887e724cf4cd4eb24079847d0785d0e
3f442ecc9bcc7854c65135920ec73a25ad8d5fda6d682d87a1568c8c609d35bc
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
42c85a104da068129e843b3c05ce6968fc26dfec62817f54c31c8901b6e22e13
4308b770a8f544c1fc4487836df776d7a8a4170b0947e45c9b748369846ee115
45416ba0d918c8925ade38948f8be8f39ab7305c08c8195cfabea03dee75dcb4
46b8b5c8edc468cfc2b98f749ac9625de1731f8082d1bf1840dc7f4dd973c551
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4d9da3f544901a197762dccebf7a8b3b70b12609a275a383dad9e92d0f135edf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eae41d0016162992ec7f5b5c0449f46cb3ae90ed6bec011bfc27f9ccf4fec64
4eaf5df0af2770d534d10ed2b4f1a8fafa3ff04a3147db854ba3d721df286299
4f188ba5ef3a034479c012bfacaac35b033b2e82ce7af131ae3e8204bd2b3a9e
51d3390cc965691d01d9c2854d2a19e60e004ef59bd8efb638f28cf0ffb124f1
5207a691bc15a91adc7782da22129c27eadfff7477f38a526d14ffad93344551
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56853f323794554e7d2de1144df94eca063d87411300faf0edf12768b845875e
57f0421ad8d70e1ec4ab2c3792d7b639374cc5bc4beaf4981c0213064ecb206b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bc392c095dcf77649ba600570ea1629ada87be6c1c7fccc775ede9bbfa96b07
652876c64c94fddfefb323a90fb2de3f80c5a1eccf34ac91a3c6b9b7ad366e2b
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
686c01797df9bf94791eee8c630cb39975bb0236a4039d8575ac206da7d91890
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
72b78920fbaf8cbf8c6f0e60133689b6e440b9b0a69dab9be88de0f04cc373ce
7aa152e37cc1423038f78f8d97dc5b8bc3b5c72cd02f4d1c0dfdea5ffc2602c1
802987e296716f5759f07c9379f7bbaa1ab0da2520224bc21bd0520da197b259
81746464e3633248326b98acbce210c5c4047885eb04e8718ea583b56f51ec97
82683c66b8c6eef5f089e0349a6801d7b98f1f46607167e04867ba983f1d3d17
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b
8cdc53975174314cc55ef7ca7ee80afbf80e724452e4b0fc7e4bea1e43ad4f59
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
946f2fe9f1d495a92439f565ea3c0a553132d8156ce6eb778549cc2e97598af6
94a82b1a138fa5d52f95bca894904e57a7ba5d89275712792e34c6192aeaddba
95197d6970141f7bb9c4c1c7c1decfe205e447626f5edd31f165b97d8611e285
9d01d0ed33d145abdad96c63e65a72a0ac3874343f4a53d2308a010605467572
9e629d2f148bc527e60bc2d24651d61753236b42fcdfff6f2ff27fed93094a3e
9fc72c056e621d7bdbfd28cf297281a20a38fc56f87aac8acad118778fcfa244
9fe336282aa2cb93d2c048436e722b13db226575002078ba2636223cc0deae21
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4c7fcb8673cc7b746d018251637da19b7f8bade1ca3881aef71f25ad65f6ebb
a5739201f887b29e9c388abde422bb8ed703a25e201fed75c13da3bf6f53ad1b
a74fffeafacfdfb2788882a80fdae4280b11301ee3a6cf3bc91618c48b0fc896
a8680939292053c808260c3dfa05f9257b6940c0da273f26ad3fc969e53f84f3
a937f3f0167edaa39003c91daed3f6e9316b4dbbf4a50967221f98bbd6fb2e26
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6fd315648b63c0c69aba90f8935c132ed9259192022796eb285c0fc36b8950b
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d367194b4f8f26c95b655970de497ddc05605f820d09e402b40e9a827fe89666
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
db9e2a94f9f1ca3c67f7329db516c3b9e082a80636ae89016e8d6848d013308a
dd1751bf0c3dc40699bb240b93d801d3843ed5d4c6a8cdf4d19afabf428cedf6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df7657c8e4ed81f913a0ec32877f6765e26110411e573872359f221a2ff2f450
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f82b2070d89fbd24a7727258f27c297483cc7338d74b57c1003db20a9e4e7ca7
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869