www.medhelp.org Open in urlscan Pro
172.67.141.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.medhelp.org/
Submission Tags: falconsandbox
Submission: On October 19 via api (October 19th 2021, 5:39:18 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 21 domains to perform 72 HTTP transactions. The main IP is 172.67.141.32, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.medhelp.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.

This is the only time www.medhelp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	172.67.141.32 172.67.141.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.4.176 104.18.4.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	172.67.214.69 172.67.214.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.225.87.122 13.225.87.122	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
21	52.222.236.129 52.222.236.129	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.49 13.224.193.49	16509 (AMAZON-02) (AMAZON-02)
1	34.202.206.65 34.202.206.65	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
1 1	34.68.170.46 34.68.170.46	15169 (GOOGLE) (GOOGLE)
9	18.66.139.118 18.66.139.118	16509 (AMAZON-02) (AMAZON-02)
1 1	18.214.90.16 18.214.90.16	14618 (AMAZON-AES) (AMAZON-AES)
1 1	209.240.97.247 209.240.97.247	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
1 1	3.212.101.34 3.212.101.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 2	172.67.8.244 172.67.8.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.214.250.204 3.214.250.204	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.220.38.221 3.220.38.221	14618 (AMAZON-AES) (AMAZON-AES)
72	15

19 172.67.141.32 (United States)

ASN13335 (CLOUDFLARENET, US)

www.medhelp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.4.176 (United States)

ASN13335 (CLOUDFLARENET, US)

img.webmd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.87.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-122.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

ssl.o.medhelp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 52.222.236.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-129.fra56.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.49 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-49.fra2.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.206.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-206-65.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.170.46 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 46.170.68.34.bc.googleusercontent.com

preferences.bluecava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.139.118 (United States)

ASN16509 (AMAZON-02, US)

preferences-mgr.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.90.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-90-16.compute-1.amazonaws.com

my.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.240.97.247 (Latham, United States) 1 redirects

ASN40244 (TURNKEY-INTERNET, US)
PTR: 209-240-97-247.static.as40244.net

optout.alphonso.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.101.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-101-34.compute-1.amazonaws.com

optout.crsspxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.53 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.8.244 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.250.204 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-250-204.compute-1.amazonaws.com

p1.optout.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.38.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-38-221.compute-1.amazonaws.com

optout.thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	trustarc.com consent.trustarc.com consent-pref.trustarc.com consent-st.trustarc.com	275 KB
21	medhelp.org 1 redirects www.medhelp.org ssl.o.medhelp.org	1 MB
9	truste.com preferences-mgr.truste.com	7 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	retargetly.com 2 redirects api.retargetly.com	657 B
2	doubleclick.net securepubads.g.doubleclick.net	123 KB
1	thrtle.com 1 redirects optout.thrtle.com	187 B
1	agkn.com 1 redirects p1.optout.agkn.com	327 B
1	contextweb.com 1 redirects bh.contextweb.com	288 B
1	owneriq.net 1 redirects px.owneriq.net	475 B
1	crsspxl.com 1 redirects optout.crsspxl.com	349 B
1	alphonso.tv 1 redirects optout.alphonso.tv	272 B
1	ipredictive.com 1 redirects my.ipredictive.com	124 B
1	bluecava.com 1 redirects preferences.bluecava.com	314 B
1	truste-svc.net prefmgr-cookie.truste-svc.net	2 KB
1	scorecardresearch.com sb.scorecardresearch.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	fontawesome.com use.fontawesome.com	240 KB
1	webmd.com img.webmd.com	29 KB
0	mxptint.net Failed optout.mxptint.net Failed
72	21

	Domain	Requested by
21	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com www.medhelp.org prefmgr-cookie.truste-svc.net
19	www.medhelp.org	www.medhelp.org
9	preferences-mgr.truste.com	www.medhelp.org
7	consent.trustarc.com	www.medhelp.org consent.trustarc.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.medhelp.org client
2	api.retargetly.com	2 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	ssl.o.medhelp.org	1 redirects www.medhelp.org
1	optout.thrtle.com	1 redirects
1	p1.optout.agkn.com	1 redirects
1	bh.contextweb.com	1 redirects
1	px.owneriq.net	1 redirects
1	optout.crsspxl.com	1 redirects
1	optout.alphonso.tv	1 redirects
1	my.ipredictive.com	1 redirects
1	preferences.bluecava.com	1 redirects
1	prefmgr-cookie.truste-svc.net	www.medhelp.org
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	sb.scorecardresearch.com	www.medhelp.org
1	www.googletagservices.com	www.medhelp.org
1	use.fontawesome.com	www.medhelp.org
1	img.webmd.com	www.medhelp.org
0	optout.mxptint.net Failed	www.medhelp.org
72	24

This site contains links to these domains. Also see Links.

Domain
submit-irm.trustarc.com
medhelp.zendesk.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
img.webmd.com Cloudflare Inc ECC CA-3	`2021-04-20` - `2022-04-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
ssl.o.medhelp.org DigiCert TLS RSA SHA256 2020 CA1	`2021-08-31` - `2022-10-01`	a year	crt.sh
*.truste-svc.net Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2022-06-23`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.medhelp.org/
Frame ID: 8B6F844C8F8666B64752DC21A4571806
Requests: 32 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Frame ID: A768A8B009F1C40846CC82895868F2F2
Requests: 27 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Frame ID: A68655E05E9C43CDCF6C024FF36F6500
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https://www.medhelp.org/legal/privacy_policy&cookieLink=https://www.medhelp.org/legal/california_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Frame ID: DD1466CF8EB9056B80493AB8C578E842
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 881D1A9567D80D1045658DF46D883AB5
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/
Frame ID: DE2D3DCF692AD5B17CB845AA8DBF44D3
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/642/1/adelphic
Frame ID: 0DAB0E31C7756AD78714EB3161DB5E5E
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/768/1
Frame ID: 7BCA53B291080C490981162EA0E56C7A
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/392/1/253614
Frame ID: 92D48C79F63418F12F53F96D221340B8
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/591/1-1/no-token
Frame ID: 8D370AEF3E8957AB4A79DA4E2A09149D
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/422/1/yauDkYtEHqVb
Frame ID: E1BA34926584B189984A0DB5F6878BDC
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com//token/497/2-0/0
Frame ID: D22E00D88474A0544A0D75F34DC8C0C4
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/730/1-0/qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB
Frame ID: FBA1D93604F04B8A16727578DC922BF4
Requests: 1 HTTP requests in this frame

Frame: https://preferences-mgr.truste.com/token/770/1-0/xunp
Frame ID: 05FFD37E9C444DDD8C98A1D0FE242648
Requests: 1 HTTP requests in this frame

Frame: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3
Frame ID: 2F443652C2C378592C8DBE39C48BAD69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedHelp - Health community, health information, medical questions, and medical apps

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

72
Requests

99 %
HTTPS

0 %
IPv6

21
Domains

24
Subdomains

15
IPs

2
Countries

1786 kB
Transfer

4030 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://submit-irm.trustarc.com/services/validation/c7628f58-3b8e-46cb-b231-aef541b26f72
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://medhelp.zendesk.com/hc/en-us/requests/new
Title: Report Abuse

Search URL Search Domain Scan URL

URL: https://medhelp.zendesk.com/
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/s76231773087116?AQB=1&ndh=1&pf=1&t=19%2F9%2F2021%2017%3A39%3A14%202%200&fid=099FCDA4F9ADCF1D-080855BA27CB99A0&ce=ISO-8859-1&ns=webmd&cdp=2&pageName=medhelp.org%2F&g=https%3A%2F%2Fwww.medhelp.org%2F&c.&wb.&vapi=visitorapi%20missing&pubsourceco=webmd&metakywrd=medical%20questions%2C%20medical%2C%20question%2C%20medical%20question%2C%20health%20questions%2C%20medical%20health%2C%20medical%20information%2C%20medical%20help%2C%20forums%2C%20health%2C%20communities%2C%20health%20forums&.wb&.c&cc=USD&server=ntc%7Coocommon%7C20210330&c3=medhelp&c6=homepage&c7=default&c35=homepage&c48=mbl-no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/s76231773087116?AQB=1&pccr=true&vidn=30B7816178629227-60001BE940908532&ndh=1&pf=1&t=19%2F9%2F2021%2017%3A39%3A14%202%200&fid=099FCDA4F9ADCF1D-080855BA27CB99A0&ce=ISO-8859-1&ns=webmd&cdp=2&pageName=medhelp.org%2F&g=https%3A%2F%2Fwww.medhelp.org%2F&c.&wb.&vapi=visitorapi%20missing&pubsourceco=webmd&metakywrd=medical%20questions%2C%20medical%2C%20question%2C%20medical%20question%2C%20health%20questions%2C%20medical%20health%2C%20medical%20information%2C%20medical%20help%2C%20forums%2C%20health%2C%20communities%2C%20health%20forums&.wb&.c&cc=USD&server=ntc%7Coocommon%7C20210330&c3=medhelp&c6=homepage&c7=default&c35=homepage&c48=mbl-no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 59

https://preferences.bluecava.com/daa/optout.ashx?action_id=3&participant_id=569&rd=https://preferences-mgr.truste.com/&nocache=0.027878971879227832 HTTP 302
https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/

Request Chain 60

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.9860658296684495 HTTP 302
https://preferences-mgr.truste.com/token/642/1/adelphic

Request Chain 61

https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.30364533837941154 HTTP 302
https://preferences-mgr.truste.com/token/768/1

Request Chain 62

https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.07896764850395988 HTTP 302
https://preferences-mgr.truste.com//token/392/1/253614

Request Chain 63

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.7524103639031083 HTTP 302
https://preferences-mgr.truste.com/token/591/1-1/no-token

Request Chain 64

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0426760754898341 HTTP 302
https://preferences-mgr.truste.com/token/422/1/yauDkYtEHqVb

Request Chain 65

https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.6516504793613891 HTTP 302
https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.6516504793613891&_rlid=1ab9d924-2334-43ca-a241-170d47a25207 HTTP 302
https://preferences-mgr.truste.com//token/497/2-0/0

Request Chain 66

https://p1.optout.agkn.com/nai?action_id=3&participant_id=730&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0016855803849014084 HTTP 302
https://preferences-mgr.truste.com/token/730/1-0/qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB

Request Chain 67

https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.9810294348718172 HTTP 302
https://preferences-mgr.truste.com/token/770/1-0/xunp

Request Chain 68

https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.10598133523879283 HTTP 302
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.medhelp.org/ 34 KB
9 KB 179ms
150ms Document
text/html 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ecf9f99d66dfdac75a1147956d9a75fc5c908ad96e9cc256adcebb2645cde39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.medhelp.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 19 Oct 2021 17:39:13 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=0, private, must-revalidate
set-cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; domain=.medhelp.org; path=/; expires=Sun, 19 Oct 2036 17:39:13 -0000 mh_expt=95; path=/ ccpa_qual=1; path=/ _medhelp_session=739b68b4da1d805fbea4051ece3d572e; domain=.medhelp.org; path=/; expires=Wed, 20 Oct 2021 17:39:13 -0000; HttpOnly
x-request-id: 40916b35-b216-4a06-bfcd-35e8215f9685
x-runtime: 0.021328
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avhsrKSR0SGTMX91rIxJeaWtk%2FEy6YE0HRIu8ix4pwrfcDdlrQqZgYfQMbFCYW%2BtRIPi6m8sP2RTX15DDAehA6t3FgS6%2BfS%2FxQJqbQBHLU2RV1%2BvjgmOKDiTPNg43LLPXVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a0bc8dafae64e5b-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bi_oocommon.js Show response
img.webmd.com/bi_common/ 90 KB
29 KB 77ms
35ms Script
application/javascript 104.18.4.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/bi_common/bi_oocommon.js?d=10/19/21
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.4.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad970c9d9124a32bd600c6761c0b750ea232c876579ea9acb21260cff8f0f23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 40694
content-length: 29755
timing-allow-origin: *
last-modified: Tue, 30 Mar 2021 20:16:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img03-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a0bc8dc5f432790-PRG
expires: Wed, 19 Oct 2022 17:39:13 GMT

GET
H2 200 static_1615589852.css
www.medhelp.org/stylesheets/ 129 KB
25 KB 18ms
16ms Stylesheet
text/css 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/stylesheets/static_1615589852.css
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c439907caa23776eb5cd32fed92b99308e7dd789fcceaae329130da9228c5be4

Request headers

:path: /stylesheets/static_1615589852.css
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7639753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Mar 2021 22:31:16 GMT
server: cloudflare
etag: W/"605a6c34-2037a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzFmB9o7o9n7eh7krzLIaJIm9xKg62M4nRSlUuvxSgrStWXCrhHJplIfxcxOCPoU895S%2FWRCt%2BtPab1v4pQykdr0V0N4lZPEDxsXu6C%2BXsp%2FiSkQppKoBUlySn%2Bd2QsMU%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6a0bc8dc1cf74e5b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home_page_1615589852.css
www.medhelp.org/stylesheets/ 334 KB
52 KB 23ms
22ms Stylesheet
text/css 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/stylesheets/home_page_1615589852.css
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bab69cf2e5f1debc42bb69422da48a283e32be6d434986ac34dfa8fd9e9332c

Request headers

:path: /stylesheets/home_page_1615589852.css
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15493673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Mar 2021 22:31:16 GMT
server: cloudflare
etag: W/"605a6c34-53729"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvkeOeLhe6TWv5i3ES5G5evmFNi0TI%2F9F%2Bx7%2BoPgOKOwC7%2FAMhn%2BVRO3dGUwoD2GyRF2bu%2Fle%2BCO5ld403h72vtqBmbXm7S4YFokrick10i70sVtao1RoQ2RiCsnla75Hwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6a0bc8dc1cfc4e5b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 static_1569312985.js Show response
www.medhelp.org/javascripts/ 313 KB
91 KB 31ms
30ms Script
application/javascript 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/javascripts/static_1569312985.js
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cba06fb1546569c8e85d06388cc984ee5e50a1d221119a7530d38f77812d2c1

Request headers

:path: /javascripts/static_1569312985.js
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15489640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Jun 2020 00:31:59 GMT
server: cloudflare
etag: W/"5ee17b7f-4e300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8ZGX9ccpD8RBR6yonNxQtxT0D2wqF6ifGXhAfnn5oe8g09PMrGff8qmJSWiWuTVpcPV9DXmeRa0P17H5Eb3GLhGF9SHDSAU9cAGdsDJ7tMX4sCea2oEofKdHcEsb8Sfqvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6a0bc8dc1d004e5b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home_page_1569312985.js Show response
www.medhelp.org/javascripts/ 187 KB
64 KB 25ms
25ms Script
application/javascript 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/javascripts/home_page_1569312985.js
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9349055d19bb021f44b01af60605f607bd8f102667c2761b52da08677ce34b15

Request headers

:path: /javascripts/home_page_1569312985.js
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7639753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Jun 2020 00:31:39 GMT
server: cloudflare
etag: W/"5ee17b6b-2ecfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2SDtotVIvnzHjhjsn9Qljc06rb40ujt8Ok7I6gTdLzfoyeg1a7qMvz%2BeS77qdqgwEai6ev1QjUad4%2F5AyKJtCMMcExiQ5Ps1zkKgoQtJFj%2FVk4zPcfnqFISONhIiNAowYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6a0bc8dc1d054e5b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 68ms
26ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjord+One|Lato:400,700|Vollkorn:700

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

8433cf0afa19d187f41e3608c6ee46b0a0ea47d87529162822e25d689dcab48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 17:39:13 GMT
server: ESF
date: Tue, 19 Oct 2021 17:39:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 19 Oct 2021 17:39:13 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.0.8/js/ 665 KB
240 KB 68ms
39ms Script
application/javascript 172.67.214.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/js/all.js
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7f72d16b9546274d8ca85efe62bd6bb759d68a9f5dfe76253d4122e1da7df8

Request headers

Referer: https://www.medhelp.org/
Origin: https://www.medhelp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3258209
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 0A92WCXBZW1NAZ1F
x-amz-id-2: nMBzDbTfvqypsZwJYB/s6OE4ULyn/MkkzdD5nBjVLiz1zi5dCfC9GWiQD14mutiA3rbFrjErAHA=
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
server: cloudflare
etag: W/"668aad8c7d9f38f93221a1dcf9f93805"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbtwjOy%2BJOAB5Oi59gUr9zduP93pZepAJJ7gZ69xJS4s6zKB6IM0WoGTM48e6NcehvIpQ8b6sMFyaiEpLu2vJ3vVtopfGChfM7rVFfKN3HUz7VGVjXoviuAfPhiRbkIq98y8DyKb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6a0bc8dcdba0411f-PRG

GET
H3 200 blank.png
www.medhelp.org/RoR/images/ 107 B
750 B 18ms
17ms Image
image/png 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/blank.png
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390b8e033cc07c4c47d9736679f157b548b612f84ab1e364478c58df3f4e2bdc

Request headers

:path: /RoR/images/blank.png
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15509968
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107
last-modified: Thu, 11 Jun 2020 00:27:21 GMT
server: cloudflare
etag: "5ee17a69-6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIb6yIk4I9n6pMzJgzxHA6mToTVjZWqIRRYCz9%2F3HGc2Oy2CRikBPnzqe7VD21rDf2Yb%2BBh04HgTNpHafNHdoaSPU3S8IF45vdKd433MKQ6MFrX76hJJrzUcv4dLlFyrru0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae0b64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mh_logo.png
www.medhelp.org/RoR/images/ 3 KB
4 KB 39ms
38ms Image
image/png 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/mh_logo.png
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687b57559a49ee51efde5e77ba0b04d77c8cdfbc5a0d2563bcf443e23cdb80bf

Request headers

:path: /RoR/images/mh_logo.png
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 744904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3263
last-modified: Thu, 11 Jun 2020 00:27:23 GMT
server: cloudflare
etag: "5ee17a6b-cbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbDLvzrKwL71EMpNax3GQaVZZ3hgH3RntxgS%2Bgdqo7Fb2lHaUS3at2NEDa%2FfZivSceLaiLH2wU6t922%2Fk5EN2ruNQk0%2Bsg09KPI6%2Fta2FnOXT0qUy%2Bqaj3P%2BD%2BcTzBb4xIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae0c64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 9 KB
4 KB 63ms
43ms Script
text/javascript 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=webmd.com&c=teconsent&js=nj&noticeType=bb&text=true&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-122.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d5edff5a4c0480917679cc167d0770a12c4d1184368caeeb84204b81a14570de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 3664
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
x-amz-cf-id: _1-L2K8IwhbK5giAnKicyr4J2tNOjQ0RmwmRCq2StlmY-s3aMal2Ug==
expires: Tue, 19 Oct 2021 18:39:14 GMT

GET
H3 200 red_urchin_poster.jpg
www.medhelp.org/RoR/videos/ 123 KB
124 KB 40ms
39ms Image
image/jpeg 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/videos/red_urchin_poster.jpg
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e21c1e726780a0d05b77f5e946caff702a76dd5f4415427270d6fde68b9810b9

Request headers

:path: /RoR/videos/red_urchin_poster.jpg
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15487441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 125932
last-modified: Thu, 11 Jun 2020 00:27:26 GMT
server: cloudflare
etag: "5ee17a6e-1ebec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b6RcnUeXk3v0%2B1toSPcye0wyP5qfnlCONxKmB%2BMIJYv2%2FCXMcp1qO3hDJWDBV5exLGntDhnzFzwvlY8bd8tzwE%2F1Bv2rxab5Mda%2Bcg7Wo5TDH0bwigv0HnEwODzysrXkGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae0d64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 phone_iphone@2x.png
www.medhelp.org/RoR/images/home_page/ 96 KB
96 KB 31ms
30ms Image
image/png 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/home_page/phone_iphone@2x.png
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b907063de8094f07be8e867ac24038d5dae93135f2189acf5a30d6d6b139a28

Request headers

:path: /RoR/images/home_page/phone_iphone@2x.png
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3161118
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 98115
last-modified: Thu, 11 Jun 2020 00:27:23 GMT
server: cloudflare
etag: "5ee17a6b-17f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDpLiLu0i04XZb0V6uGhYDOOHibnNaC%2FkyqUuE1g23pmaVOSkXmyExYtDXlMxanGZKl5RNM0F6zOEOb%2Fk1SJqD%2F8I9wrY05ermTEQqvkcKqTpytCJFtWC9ApOuXq5w%2BEcOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae0e64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 39ms
15ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

3a63b08cb83f8be89139d9fb7c61e75a23732097536f3edafb34ee3919dcf367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1018 / 782 of 1000 / last-modified: 1634654235"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27102
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Oct 2021 17:39:14 GMT

GET
H3 200 logo.png
www.medhelp.org/RoR/images/header/ 3 KB
4 KB 47ms
46ms Image
image/png 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/header/logo.png?1
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/home_page_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df9ac2352d880af649ed3edf9faf3957ebb5ead544731f0beac85852c3193e7

Request headers

:path: /RoR/images/header/logo.png?1
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3163956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2993
last-modified: Thu, 11 Jun 2020 00:27:22 GMT
server: cloudflare
etag: "5ee17a6a-bb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHEpa%2FhjGZTLawX%2BpOvSyKfMGyyFEEVFlocdt2k9gmi1cuIPcWREzPXoRwN479XF44BnMbgmyCle6TJuOKyG4Oj8Bwi4TxILWTPPsyI1qwGb2ClHGGTW0x2KLa8kSrC6JVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae0f64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 OpenSans-Light.woff
www.medhelp.org/fonts/ 24 KB
24 KB 16ms
16ms Font
font/woff 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/fonts/OpenSans-Light.woff
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/static_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8962c00b9572699f6f9a5318d1daea87eed271af1ddc9c7db7e51f286bd2211

Request headers

sec-fetch-mode: cors
origin: https://www.medhelp.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
:path: /fonts/OpenSans-Light.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/static_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.medhelp.org/stylesheets/static_1615589852.css
Origin: https://www.medhelp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10581090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24092
last-modified: Thu, 11 Jun 2020 00:27:28 GMT
server: cloudflare
etag: "5ee17a70-5e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKNcr6xJFInYcjB67Fgk%2F6gb3io1PgER9b5wl87oLija9eAEyIr7EIjizYfNR%2Bf7MsE12z3IZHsemF%2BthVWdvsllcvGGjYAN7rxxLNG0qwo4lU4uDd62%2FfwdFg%2FHUUVkE9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.medhelp.org
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae1064eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
www.medhelp.org/fonts/ 65 KB
66 KB 22ms
22ms Font
font/woff2 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/static_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

sec-fetch-mode: cors
origin: https://www.medhelp.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
:path: /fonts/fontawesome-webfont.woff2?v=4.5.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/static_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.medhelp.org/stylesheets/static_1615589852.css
Origin: https://www.medhelp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15470850
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66624
last-modified: Thu, 11 Jun 2020 00:27:29 GMT
server: cloudflare
etag: "5ee17a71-10440"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdpBPgZZ%2FTS1BAiDiMmzxKeytD85NaHRl2W6FW2rEdmbVnFQCyZX%2BLc2v6aIi1Q7PljZNw0zYnMwUbWjkeVKW2%2BYV1rkdwYVej8m4mPuNCiQex7IoYXQY%2FiwIsIl7we1sak%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://www.medhelp.org
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcae1164eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 panel1.jpg
www.medhelp.org/RoR/images/home_page/ 83 KB
83 KB 54ms
54ms Image
image/jpeg 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/home_page/panel1.jpg
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/home_page_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5800e94eff4cace964213d9ed0baef756f557477ee2e499f26d648762602c6da

Request headers

:path: /RoR/images/home_page/panel1.jpg
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15487441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84568
last-modified: Thu, 11 Jun 2020 00:27:23 GMT
server: cloudflare
etag: "5ee17a6b-14a58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObXVKA3ZupsQ3kf8t%2FHYdMLxZgFl6NPiSDwqL1eXqj4huIyZ%2Bj0%2FrrpLgWRrTc2IEeZX8sEOhSQe3nJKVi2RogrHUdfesEPPd0NjIJ2BHR6P%2BwgRCzK%2FcPAS1OWZ6246jHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcbe1364eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 panel5.jpg
www.medhelp.org/RoR/images/home_page/ 178 KB
178 KB 55ms
54ms Image
image/jpeg 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/home_page/panel5.jpg
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/home_page_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f76e7ee79e9402656c03764121e2f5c9151c95b2d592f951c7dc4917783c8b

Request headers

:path: /RoR/images/home_page/panel5.jpg
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14340913
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 181991
last-modified: Thu, 11 Jun 2020 00:27:23 GMT
server: cloudflare
etag: "5ee17a6b-2c6e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4y6WznJoClTdnLqMxwLtPCEvx4kFHifLqfHef7nOYWQSeX0zrqs4H%2FiMbmaEnDqETYg9%2FLA%2BKGsMNnXcR4%2FjWvmYyJPIpAu0LyPwviqRwxy1aC56CI9T47yZX26eo8r%2BeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcbe1464eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 get_answers.jpg
www.medhelp.org/RoR/images/home_page/ 60 KB
60 KB 66ms
66ms Image
image/jpeg 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/home_page/get_answers.jpg
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/home_page_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d552741533bd2b763d29e5005b3ea08e98f57d6f5ba4a2539807e2391082a111

Request headers

:path: /RoR/images/home_page/get_answers.jpg
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 744774
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60935
last-modified: Thu, 11 Jun 2020 00:27:23 GMT
server: cloudflare
etag: "5ee17a6b-ee07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkTcficcYiP65SFx4FWbK33lEVwrgBE1DjlvtwP8ieFhD36p4fGDAiW%2F1jgIbmEGGNLeIBt675MQWJOzdoirsSR5VoS%2FKB%2Fpa%2BU5Ht1dcLchsR5IL53dk968HMfQzjm8%2BvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcbe1564eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 OpenSans-Semibold.woff
www.medhelp.org/fonts/ 21 KB
22 KB 67ms
67ms Font
font/woff 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/fonts/OpenSans-Semibold.woff
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/static_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6476de96f025b88e64b4c1ffbb75083dc3111120229e03dca5c6eeb7c40db794

Request headers

sec-fetch-mode: cors
origin: https://www.medhelp.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
:path: /fonts/OpenSans-Semibold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/static_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.medhelp.org/stylesheets/static_1615589852.css
Origin: https://www.medhelp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4646602
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21748
last-modified: Thu, 11 Jun 2020 00:27:28 GMT
server: cloudflare
etag: "5ee17a70-54f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NU2%2BbZD7nqhBM6EnVWVKgqJnpgSMP3xS%2Bq1ZdEYtYYjSlgQIk05%2BWrEc1270habRsSOx%2F5Q9pSxvXcL2UjO3%2BWrHPYNNeS57UCMQ2gUX4Nt3VsKzSxTrrgkUJ7uXPb6JmKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.medhelp.org
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcbe1664eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 206 red_urchin.webm
www.medhelp.org/RoR/videos/ 158 KB
0 562ms
562ms Media
video/webm 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medhelp.org/RoR/videos/red_urchin.webm
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-fetch-dest: video
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
:path: /RoR/videos/red_urchin.webm
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.medhelp.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-10203566/10203567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 10203567
last-modified: Thu, 11 Jun 2020 00:27:26 GMT
server: cloudflare
etag: "5ee17a6e-9bb1af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga63eLpp5UsfeWWLWGoUD1k%2FOwhVTT3%2BBL1iUwCDMDAzcrPHJiAjOZpfQyViyUUotOqe5v%2BXOvY8sW6DMsddGoENJJqBSNwlyJfNaz%2F21lAK62JXaX8ZJWwaRh0%2BxJhYrHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
cache-control: max-age=315360000
cf-ray: 6a0bc8dcde1d64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mh_logo_footer_new@2x.png
www.medhelp.org/RoR/images/home_page/ 3 KB
4 KB 39ms
38ms Image
image/png 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/images/home_page/mh_logo_footer_new@2x.png
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/stylesheets/home_page_1615589852.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 993f2549c3a055f445ac1cea5e9fe120486a42574637ca3fbb40a7bb2316cea0

Request headers

:path: /RoR/images/home_page/mh_logo_footer_new@2x.png
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/stylesheets/home_page_1615589852.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15294006
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3303
last-modified: Thu, 11 Jun 2020 00:27:23 GMT
server: cloudflare
etag: "5ee17a6b-ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiBxRlU3jqJXh3mRHEfKGFWmBfacS6ClBaWWSbaEeC2sDcJMZjhzAaMoY44B%2F92bbGYo%2Feb01y9kMlgtAV%2B%2B78yG%2FtWLkJ0VIePmhv0lv2nJz0nrDxA6VirRADPFb6Q1ehs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8dcee2164eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 43ms
7ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js?c1=2&c2=8680244&c3=&c4=www.medhelp.org/&c5=&c6=&c15=
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 22:59:47 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 141340
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: FTo-RNaLIJLu_Q1d8p3rx1Kbi05zXn7ZDCRdYfsclkDsNspfw4js9Q==

GET
H2

200

s76231773087116
ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/
Redirect Chain

https://ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/s76231773087116?AQB=1&ndh=1&pf=1&t=19%2F9%2F2021%2017%3A39%3A14%202%200&fid=099FCDA4F9ADCF1D-080855BA27CB99A0&ce=ISO-8859-1&ns=webmd&cdp=2&p...
https://ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/s76231773087116?AQB=1&pccr=true&vidn=30B7816178629227-60001BE940908532&ndh=1&pf=1&t=19%2F9%2F2021%2017%3A39%3A14%202%200&fid=099FCDA4F9ADCF1...

43 B
269 B

17ms
17ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/s76231773087116?AQB=1&pccr=true&vidn=30B7816178629227-60001BE940908532&ndh=1&pf=1&t=19%2F9%2F2021%2017%3A39%3A14%202%200&fid=099FCDA4F9ADCF1D-080855BA27CB99A0&ce=ISO-8859-1&ns=webmd&cdp=2&pageName=medhelp.org%2F&g=https%3A%2F%2Fwww.medhelp.org%2F&c.&wb.&vapi=visitorapi%20missing&pubsourceco=webmd&metakywrd=medical%20questions%2C%20medical%2C%20question%2C%20medical%20question%2C%20health%20questions%2C%20medical%20health%2C%20medical%20information%2C%20medical%20help%2C%20forums%2C%20health%2C%20communities%2C%20health%20forums&.wb&.c&cc=USD&server=ntc%7Coocommon%7C20210330&c3=medhelp&c6=homepage&c7=default&c35=homepage&c48=mbl-no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
x-content-type-options: nosniff
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 20 Oct 2021 17:39:14 GMT
server: jag
xserver: anedge-b4c7fdd79-wflsz
etag: 3510416688438312960-4619390400996746149
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 18 Oct 2021 17:39:14 GMT

Redirect headers

date: Tue, 19 Oct 2021 17:39:14 GMT
x-content-type-options: nosniff
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://ssl.o.medhelp.org/b/ss/webmdp1global/1/JS-2.15.0/s76231773087116?AQB=1&pccr=true&vidn=30B7816178629227-60001BE940908532&ndh=1&pf=1&t=19%2F9%2F2021%2017%3A39%3A14%202%200&fid=099FCDA4F9ADCF1D-080855BA27CB99A0&ce=ISO-8859-1&ns=webmd&cdp=2&pageName=medhelp.org%2F&g=https%3A%2F%2Fwww.medhelp.org%2F&c.&wb.&vapi=visitorapi%20missing&pubsourceco=webmd&metakywrd=medical%20questions%2C%20medical%2C%20question%2C%20medical%20question%2C%20health%20questions%2C%20medical%20health%2C%20medical%20information%2C%20medical%20help%2C%20forums%2C%20health%2C%20communities%2C%20health%20forums&.wb&.c&cc=USD&server=ntc%7Coocommon%7C20210330&c3=medhelp&c6=homepage&c7=default&c35=homepage&c48=mbl-no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified: Wed, 20 Oct 2021 17:39:14 GMT
server: jag
xserver: anedge-b4c7fdd79-whqrn
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 18 Oct 2021 17:39:14 GMT

GET
H2 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 43ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Oct 2021 17:39:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 125 B
707 B 39ms
17ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.medhelp.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

dcb962175ff82e3c1fb17c7906d75887b7e4b3273a0060ddc8ecd5957a53657e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0
expires: Tue, 19 Oct 2021 17:39:14 GMT

GET
H2 200 v1.7-940 Show response
consent.trustarc.com/asset/notice.js/v/ 72 KB
23 KB 28ms
7ms Script
text/javascript 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-940
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=webmd.com&c=teconsent&js=nj&noticeType=bb&text=true&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-122.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 632a3062eeb1f2004e8f051fd70a11013cd09540e9453eb8c0ecb7fd262ac8ff

Request headers

Referer: https://www.medhelp.org/
Origin: https://www.medhelp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:13:19 GMT
content-encoding: gzip
age: 1555
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 02:04:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: 1hfdY7pEYdOj8n7V8ikcpjnHprVaExkDFoAfLtGph1krGHDcjuff0A==
expires: Thu, 18 Nov 2021 17:13:19 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
382 B 40ms
40ms Image
image/gif 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=webmd.com&country=de&state=&behavior=expressed&c=638a
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-122.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 17:39:14 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: Kh1F3Oibds3cgevHZFLz8iD0GZg3WiNcqGP6D61cRMTI2L7oPRvHOw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 uspapi.js Show response
consent.trustarc.com/asset/ 3 KB
2 KB 7ms
7ms Script
text/javascript 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/uspapi.js
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-122.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 88d7e4dfc0c6596495db87af34f2568d1be1537e496ac62dc4891e5576d47f24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:25:00 GMT
content-encoding: gzip
age: 854
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Mon, 20 Apr 2020 07:01:28 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: ZrR31TdVvkIfOInCv7BFqpQkzNBJgxCcOzRruZsDnbdWGeqQ_GroSw==
expires: Thu, 18 Nov 2021 17:25:00 GMT

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame A768 5 KB
2 KB 28ms
7ms Document
text/html 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.medhelp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 19 Oct 2021 02:50:39 GMT
etag: W/"5147-1633534398000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: ggG40bU0MCKKTQgPiObrgU9VG5CVorhLg8dUjYuLmawQuKj8bM7Ikw==
age: 53378

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
503 B 40ms
39ms Image
image/gif 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=webmd.com&behavior=expressed&country=de&language=en&rand=0.5046784686167565

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-122.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
timing-allow-origin: *
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
x-amz-cf-id: Go8aCHyaajq7dIaLk3vsC0OO1r_F_FVb8jza5tsq-7U0OcZwxr3X0w==
expires: Tue, 19 Oct 2021 18:39:14 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 5 KB
2 KB 34ms
33ms Script
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0dd36438fa18f3b2b6a01dc6a086a2a75e08d4fcb429402af280d0b66dce6c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: W/"4867-1633534414000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: eLEO6AoyCduK8t_0PUQgMLz8NfcoBmxeauNuI45zBe_TtoeALOQ0GA==
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
expires: Tue, 19 Oct 2021 17:39:13 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame A768 20 KB
5 KB 26ms
8ms Script
text/javascript 13.224.193.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-49.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Oct 2021 15:50:35 GMT
content-encoding: gzip
server: nginx
age: 956919
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: XQt2HYzioeLKAe8t0yZhFMi094SYssW_EUQU1yDgh1RlnZbBSzXL5w==
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
expires: Sun, 07 Nov 2021 15:50:35 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame A768 3 KB
3 KB 7ms
7ms Image
image/gif 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 22:56:03 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 67391
etag: W/"2608-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: dDAejQlDNEGSY_iC8HsJVYHFRSxf0uTK1glE2i5hRrzra9gFV6aWIQ==

GET
H2 200 CA997B588C0A4B4B220B823E359467E4.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A686 139 KB
46 KB 8ms
7ms Document
text/html 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ff7972cc3d2b673e12e2d3b4f1a3f486f8fd3e72f1358f1883e876efb25b66f4

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 12 Oct 2021 02:20:41 GMT
server: nginx
etag: W/"142808-1633534414000"
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: edxjTeGARZyRHwTyw9XG9M9PwQfxK3W-fRGVeOJlFK_wKhq6p1wc9w==
age: 659913

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 969 B
822 B 32ms
32ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 462
x-xss-protection: 1; mode=block
x-amz-cf-id: LZt4CzdSG-AjgLhTRG07sI93iCgY7m0Z5bv0oaGpGFYQxk7imLZZCw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 48 B
390 B 34ms
33ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

31d8eaf65fe4de61e04a129bba517460d55d0b946b09ea89b481f924932f447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
content-disposition: attachment
content-length: 48
x-xss-protection: 1; mode=block
x-amz-cf-id: FgOXp_IuP7VPDoYuEm4H3Jn_31UMvBFdV-MlRitswOAhOkHfBb9pOw==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame A768 28 KB
7 KB 56ms
56ms Stylesheet
text/css 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: W/"28907-1633534398000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: pbH_J4_rWIT2IhbqXd1Q_O9RBUAKppWSPqjDlPVTbQyQOhCqBbZnIA==
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
expires: Tue, 19 Oct 2021 17:39:13 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/ Frame A768 252 KB
86 KB 7ms
7ms XHR
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/10.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d367560de53d283557b5b465ecb65c8527f73106b5435a42c630aa96223aec7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 02:20:29 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
age: 659925
etag: W/"258117-1633534414000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: zFwuUKXXXk4ssLWLDLa7ru4YPX9HS6cfKvWCzNIXrhXB-xArS1UnTA==
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/ Frame A768 19 KB
8 KB 7ms
7ms XHR
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/1.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 13b64eac810929d5c8a140f9a28ebec23c9b985399aa87e63789e68978751d0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 02:20:41 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
age: 659913
etag: W/"19640-1633534414000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: CITLpzRD66SaKdUrvGBTlIW6EYPxgRFgeSFNqy9HGyqsZjcaZ33pNQ==
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame DD14 5 KB
2 KB 284ms
94ms Document
text/html 34.202.206.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https://www.medhelp.org/legal/privacy_policy&cookieLink=https://www.medhelp.org/legal/california_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.206.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-206-65.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method: GET
:authority: prefmgr-cookie.truste-svc.net
:scheme: https
:path: /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https://www.medhelp.org/legal/privacy_policy&cookieLink=https://www.medhelp.org/legal/california_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1597208285000"
last-modified: Wed, 12 Aug 2020 04:58:05 GMT
content-encoding: gzip

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 688 B
663 B 235ms
235ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d611fea965db08b927f49f8f820814689670652e9a4bac5a826528c67c2fb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 302
x-xss-protection: 1; mode=block
x-amz-cf-id: w8T-6NCN35o48IU_b4LRpP0WfAJyLGvkWiwjYVd0wBURwTPLwUbpQw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 32 KB
6 KB 33ms
33ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

11b761e8615df8cbd0cce24b7cf6e6e82e0690d7f34fb625f64f0aebc0dd244d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 5941
x-xss-protection: 1; mode=block
x-amz-cf-id: 0SkEbfIcLgeCqzfmjI2_uePbfo7h6gacKxQfZWiQ8W3-jqxGm6E6VA==

GET
H3 200 css2
fonts.googleapis.com/ Frame A768 14 KB
909 B 45ms
24ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

25a97b6f96010411d7098a277fc392cf8fe4c024a5bb5ef44b9da7790f0c0022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 17:39:10 GMT
server: ESF
date: Tue, 19 Oct 2021 17:39:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 19 Oct 2021 17:39:14 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame A768 28 KB
1 KB 44ms
23ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

8e951be89401e9c38abcd215572437245d6432f713d0de7d26c35d0901a24508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 16:28:22 GMT
server: ESF
date: Tue, 19 Oct 2021 17:39:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 19 Oct 2021 17:39:14 GMT

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame A768 4 KB
4 KB 7ms
7ms Image
image/png 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 16:27:47 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 4287
etag: W/"4197-1633534398000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: skT2yf1G-zcbmqKcGwRe4i4vVjPw1LqIDDoUQnKumDxmVzwoYokLLA==

GET
H3 200 red_urchin_poster.jpg
www.medhelp.org/RoR/videos/ 123 KB
124 KB 19ms
18ms Image
image/jpeg 172.67.141.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medhelp.org/RoR/videos/red_urchin_poster.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e21c1e726780a0d05b77f5e946caff702a76dd5f4415427270d6fde68b9810b9

Request headers

:path: /RoR/videos/red_urchin_poster.jpg
pragma: no-cache
cookie: guid=47ba483d604b3c0be35cede860a03c9b74ae5805; mh_expt=95; ccpa_qual=1; _medhelp_session=739b68b4da1d805fbea4051ece3d572e; s_fid=099FCDA4F9ADCF1D-080855BA27CB99A0; s_cc=true; notice_behavior=expressed,eu; click_zone=; s_vi=[CS]v1|30B7816178629227-60001BE940908532[CE]; usprivacy=1---
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.medhelp.org
referer: https://www.medhelp.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medhelp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15487441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 125932
last-modified: Thu, 11 Jun 2020 00:27:26 GMT
server: cloudflare
etag: "5ee17a6e-1ebec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvRxpn0mNoz39ioLCrbdbZ7zZHU3RTPiHfsQMszT4DK0XoR6zJPy1oTNPYLRZ2PRxwdCqWhAHWOMiUj4VE%2FNCscPDtWlwrX%2FDPrgRLDODKZwcM8jk0i9P%2FdNZTEGmb8rCbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a0bc8e21efe64eb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/ Frame A768 86 KB
28 KB 8ms
7ms XHR
application/javascript 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/CA997B588C0A4B4B220B823E359467E4/3.cache.js
Requested by: Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8767b90b34450f819b366f82fae354d2ef1e473956127244915cc2b7dd34adb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 02:20:42 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 15:33:34 GMT
server: nginx
age: 659912
etag: W/"88310-1633534414000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 9EzMpxq-egXsyd-ct-benmF6utlC0jPL40YziKgiHKqXFLn0N8t94g==
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame A768 3 KB
3 KB 8ms
8ms Image
image/gif 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 22:56:03 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 67391
etag: W/"2608-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 2608
x-xss-protection: 1; mode=block
x-amz-cf-id: FhBD7QDZTFFoj5jHR1-odPvFCuBARDOSLSeyflpPHrWQj3Padxb1yA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 2 KB
1 KB 33ms
32ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6ba42eb6e0bbd6aecdda086fe2daa8be80c10d45c1e320125f97b6d69f340776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 17:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 908
x-xss-protection: 1; mode=block
x-amz-cf-id: EPFwwneCWJJu1o3xPME7yeRz68TsAAgyRzEPZ9FuJxaThb0FDBVdCw==

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame A768 15 KB
16 KB 30ms
8ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://consent-pref.trustarc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 85433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:55:21 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame A768 16 KB
16 KB 34ms
11ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://consent-pref.trustarc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 11:16:30 GMT
x-content-type-options: nosniff
age: 195764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 17 Oct 2022 11:16:30 GMT

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame A768 2 KB
2 KB 8ms
7ms Image
image/gif 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 18:09:59 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 84555
etag: W/"1737-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: bnhFUf5cHW5Y0OKQJGd9WJCK3aiduioS7eTGGaw8c0hA4VMD6cWl5A==

GET
H2 200 get
consent.trustarc.com/ Frame A768 238 B
581 B 8ms
8ms Image
image/svg+xml 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=left-arrow-icon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-122.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 35c5f61bf352a4472c27905ca5942fbffbbb3792aeff586380f60b6fc1bf539e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Tue, 19 Oct 2021 17:13:19 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
server: nginx
age: 1555
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 238
x-amz-cf-id: hFbJwhHR47UI0Q7DgkJAq7MvX9_9bcNDxbPr9BJHJV-LMpIkZ4Mf8g==
expires: Thu, 18 Nov 2021 17:13:19 GMT

GET
H2 200 get
consent.trustarc.com/ Frame A768 9 KB
9 KB 9ms
9ms Image
image/png 13.225.87.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/get?name=WebMD_logo90x21.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-122.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 3c752a1ff8c8d87d82ae2f57146ac68f83228054d4637f224d4a442c04e4738a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Tue, 19 Oct 2021 17:07:57 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
server: nginx
age: 1877
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
content-length: 8891
x-amz-cf-id: crrKAMrsPl0_lhFNkJsNoJb0Y85pbtNribjJuM8Oz2uE8aJw6dH2-Q==
expires: Thu, 18 Nov 2021 17:07:57 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 881D 2 KB
1 KB 7ms
7ms Document
text/html 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https://www.medhelp.org/legal/privacy_policy&cookieLink=https://www.medhelp.org/legal/california_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consent-pref.trustarc.com
:scheme: https
:path: /cookie_inneriframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://prefmgr-cookie.truste-svc.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prefmgr-cookie.truste-svc.net/

Response headers

content-type: text/html; charset=UTF-8
server: nginx
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 18 Oct 2021 18:14:16 GMT
etag: W/"2008-1633534398000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 1jJyqnrpU3JI-W7ENIHLcROLMqDyaguqImNBYQxbxZIU3p_IyGqZ1w==
age: 84298

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A768 93 KB
20 KB 41ms
40ms XHR
application/json 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

29dc06ea201d0e4cbcc73a16d9b71ec95d0c583152e1263c9bc3dc171a24e58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: CA997B588C0A4B4B220B823E359467E4
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 17:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
content-disposition: attachment
access-control-allow-origin: *
content-length: 19841
x-xss-protection: 1; mode=block
x-amz-cf-id: e5K8zWSCyOFt87puq_GIZLgIcD5AIJGcgv-bURwcou2v8_s3HBGsPQ==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame A768 2 KB
2 KB 7ms
7ms Image
image/gif 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 18:09:59 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 84555
etag: W/"1737-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: HuAYe83TKikCH64OZgx3-vjt1KUs_PvWAsXCBDPrKLLF81vsIQLJqA==

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame A768 16 KB
16 KB 22ms
8ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://consent-pref.trustarc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 23:11:53 GMT
x-content-type-options: nosniff
age: 239242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 16 Oct 2022 23:11:53 GMT

GET
H2

200

/ Show response
preferences-mgr.truste.com/token/569/1/bluecava-csrf/ Frame DE2D
Redirect Chain

https://preferences.bluecava.com/daa/optout.ashx?action_id=3&participant_id=569&rd=https://preferences-mgr.truste.com/&nocache=0.027878971879227832
https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/

560 B
784 B

7ms
6ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ea946decdf3bce71e1bd43c48939d8a0bc62ea7fe1e6d3850bcdb941b669b959

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/569/1/bluecava-csrf/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 560
date: Tue, 19 Oct 2021 07:03:55 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: V5jEZgvMVQ3_unnqQU9s_M3EM2oN673Utucx1NuAEkpnGBXTE9tmEA==
age: 38120

Redirect headers

server: nginx/1.21.1
date: Tue, 19 Oct 2021 17:39:15 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 0
cache-control: no-cache, no-store
expires: -1
location: https://preferences-mgr.truste.com/token/569/1/bluecava-csrf/
p3p: policyref="https://www.bluecava.com/w3c/p3p.xml",CP="NON DSP COR LAW ADM DEV PSAo PSDi CONi TELi OUR SAM BUS UNI PRE COM"
pragma: no-cache
strict-transport-security: max-age=31536000

GET
H2

200

adelphic Show response
preferences-mgr.truste.com/token/642/1/ Frame 0DAB
Redirect Chain

https://my.ipredictive.com/optout/aboutads?action_id=3&participant_id=642&rd=https://preferences-mgr.truste.com&nocache=0.9860658296684495
https://preferences-mgr.truste.com/token/642/1/adelphic

550 B
775 B

42ms
8ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/642/1/adelphic
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/642/1/adelphic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Tue, 19 Oct 2021 05:06:36 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: nLQ1XbiNy47OyH_TGrNKZhqHECrWDcG0MYiVxqIm4ThUE7vakY1fsg==
age: 45159

Redirect headers

date: Tue, 19 Oct 2021 17:39:15 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/642/1/adelphic
server: Apache-Coyote/1.1
p3p: CP="NOI PSA OUR"

GET
H2

200

1 Show response
preferences-mgr.truste.com/token/768/ Frame 7BCA
Redirect Chain

https://optout.alphonso.tv/optout_v1?action_id=3&participant_id=768&rd=https://preferences-mgr.truste.com&nocache=0.30364533837941154
https://preferences-mgr.truste.com/token/768/1

546 B
772 B

6ms
6ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/768/1
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/768/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Mon, 18 Oct 2021 21:36:20 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: AQiFSkvhVnvXQThpwDX6XGUFUZw_Qb5qBw9F_0ZzTSk54A3jBaWzfw==
age: 72175

Redirect headers

X-Powered-By: Express
Access-Control-Allow-Origin: *
Vary: Origin, Accept, Accept-Encoding
Location: https://preferences-mgr.truste.com/token/768/1
Content-Type: text/html; charset=utf-8
Content-Length: 136
Date: Tue, 19 Oct 2021 17:39:15 GMT

GET
H2

200

253614 Show response
preferences-mgr.truste.com//token/392/1/ Frame 92D4
Redirect Chain

https://optout.crsspxl.com/opt-out.php?action_id=3&participant_id=392&rd=https://preferences-mgr.truste.com/&nocache=0.07896764850395988
https://preferences-mgr.truste.com//token/392/1/253614

546 B
770 B

37ms
10ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/392/1/253614
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/392/1/253614
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 19 Oct 2021 05:58:42 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 0JpijmjVtEChSt6GQYn0qMqbpSe8N3drTSaUfPSOMaOWq6Jq-LN4fA==
age: 42033

Redirect headers

Date: Tue, 19 Oct 2021 17:39:15 GMT
Server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/5.4.16
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
X-Powered-By: PHP/5.4.16
Location: https://preferences-mgr.truste.com//token/392/1/253614
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H2

200

no-token Show response
preferences-mgr.truste.com/token/591/1-1/ Frame 8D37
Redirect Chain

https://px.owneriq.net/nai/optout?action_id=3&participant_id=591&rd=https://preferences-mgr.truste.com&nocache=0.7524103639031083
https://preferences-mgr.truste.com/token/591/1-1/no-token

554 B
778 B

7ms
6ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/591/1-1/no-token
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/591/1-1/no-token
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 554
date: Tue, 19 Oct 2021 07:09:10 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: M79l5Yk4zx9yZbIKQ5emkOGab1ZVkYxua5PRcAwyDcAtnUi5bE4LNA==
age: 37805

Redirect headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://preferences-mgr.truste.com/token/591/1-1/no-token
Content-Length: 0
Content-Type: text/html
Expires: Tue, 19 Oct 2021 17:39:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 19 Oct 2021 17:39:15 GMT
Connection: keep-alive

GET
H2

200

yauDkYtEHqVb Show response
preferences-mgr.truste.com/token/422/1/ Frame E1BA
Redirect Chain

https://bh.contextweb.com/bh/oba/aboutads/?action_id=3&participant_id=422&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0426760754898341
https://preferences-mgr.truste.com/token/422/1/yauDkYtEHqVb

558 B
783 B

139ms
101ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/422/1/yauDkYtEHqVb
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c64b212490927afa104ba153cd50c22a1d62b89684433c1cb04c423fbb7b737a

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/422/1/yauDkYtEHqVb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 558
date: Tue, 19 Oct 2021 17:39:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: HeZLTA1i5hdBVHYtWJtFPnCLm_SDHC8SK9bp_a3vDKtA3_SfcKrSAQ==

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://preferences-mgr.truste.com/token/422/1/yauDkYtEHqVb
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=3b7253c814c781a5; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

0 Show response
preferences-mgr.truste.com//token/497/2-0/ Frame D22E
Redirect Chain

https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https://preferences-mgr.truste.com/&nocache=0.6516504793613891
https://api.retargetly.com/optout?action_id=3&participant_id=497&rd=https%3A%2F%2Fpreferences-mgr.truste.com%2F&nocache=0.6516504793613891&_rlid=1ab9d924-2334-43ca-a241-170d47a25207
https://preferences-mgr.truste.com//token/497/2-0/0

550 B
782 B

7ms
7ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com//token/497/2-0/0
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8891eedb325cdaa0450e0d27740ce5d80ce0e9c610555f74e7819dffbab75f3f

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: //token/497/2-0/0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 550
date: Mon, 18 Oct 2021 17:40:50 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: LHe4-e53rdEAnkw28yV435_7MDV62O8D-_cejjA8BzP92bON8kx8Hw==
age: 86305

Redirect headers

date: Tue, 19 Oct 2021 17:39:15 GMT
content-type: application/javascript
set-cookie: _rlsnc=0; domain=.retargetly.com; path=/; expires=Tue, 19 Oct 2021 17:39:15 GMT; SameSite=None; Secure
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
pragma: no-cache
expires: 0
location: https://preferences-mgr.truste.com//token/497/2-0/0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a0bc8e4881b2798-PRG

GET
H2

200

qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB Show response
preferences-mgr.truste.com/token/730/1-0/ Frame FBA1
Redirect Chain

https://p1.optout.agkn.com/nai?action_id=3&participant_id=730&rd=https%3A%2F%2Fpreferences-mgr.truste.com&nocache=0.0016855803849014084
https://preferences-mgr.truste.com/token/730/1-0/qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB

666 B
891 B

140ms
102ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/730/1-0/qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ee9810611363446daad03f7592002b9aec94b71798db36898d554b61f5157ba4

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/730/1-0/qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 666
date: Tue, 19 Oct 2021 17:39:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: sVnjf1enjx97FrB0CWmhIm0RaUkqNAOhjhvMLJ-GClkrFLX0HxaFKw==

Redirect headers

date: Tue, 19 Oct 2021 17:39:15 GMT
content-length: 0
location: https://preferences-mgr.truste.com/token/730/1-0/qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB
set-cookie: optout_token=qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB;Path=/;Domain=p1.optout.agkn.com;Version=1;SameSite=None;Secure
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-language: de-DE

GET
H2

200

xunp Show response
preferences-mgr.truste.com/token/770/1-0/ Frame 05FF
Redirect Chain

https://optout.thrtle.com/optout?action_id=3&participant_id=770&rd=https://preferences-mgr.truste.com&nocache=0.9810294348718172
https://preferences-mgr.truste.com/token/770/1-0/xunp

546 B
772 B

103ms
102ms

Document
text/html

18.66.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences-mgr.truste.com/token/770/1-0/xunp
Requested by: Host: www.medhelp.org
URL: https://www.medhelp.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bbce86ad96e041d59c4bbbf26a486cb04148d837ac62e8db781abaa5d2cfa6ee

Request headers

:method: GET
:authority: preferences-mgr.truste.com
:scheme: https
:path: /token/770/1-0/xunp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://consent-pref.trustarc.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/

Response headers

content-length: 546
date: Tue, 19 Oct 2021 17:39:15 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5b21c56dde1a436b4b6766d2406627d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: j5xSr7sZdBAU8Cw1RCb1QKWyE4FFtrkLfMGw1ReQYEJgW4L7DCNs5g==

Redirect headers

date: Tue, 19 Oct 2021 17:39:15 GMT
content-type: text/html; charset=utf-8
content-length: 76
location: https://preferences-mgr.truste.com/token/770/1-0/xunp
p3p: CP="NOI OUR BUS UNI COM NAV"
strict-transport-security: max-age=63072000; includeSubDomains
server

GET

daastatus.ashx
optout.mxptint.net/ Frame 2F44
Redirect Chain

https://optout.mxptint.net/daaoptout.ashx?action_id=3&participant_id=540&rd=http://preferences-mgr.truste.com&nocache=0.10598133523879283
https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

0
0

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame A768 2 KB
2 KB 7ms
7ms Image
image/gif 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Requested by

Host: www.medhelp.org
URL: https://www.medhelp.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 18:09:59 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 84556
etag: W/"1737-1633534398000"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1737
x-xss-protection: 1; mode=block
x-amz-cf-id: SFTmfQb-AnsxKT_ghyQP3l9ZI_6XRgbrIeUJ_ZW-bhsJmBHqFvVVlA==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame A768 4 KB
4 KB 8ms
7ms Image
image/png 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/CA997B588C0A4B4B220B823E359467E4.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.129 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-129.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=webmd_iab_prod&layout=iab&site=webmd.com&action=notice&country=de&locale=en&behavior=expressed&privacypolicylink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fprivacy_policy&cookieLink=https%3A%2F%2Fwww.medhelp.org%2Flegal%2Fcalifornia_resident_privacy_notice&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 16:27:47 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 15:33:18 GMT
server: nginx
age: 4288
etag: W/"4197-1633534398000"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 4197
x-xss-protection: 1; mode=block
x-amz-cf-id: RVUVg54uqBDPs8HFAIM289yJSfjMcjvMsRA9z7PL97sKGFvWXXdwnw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: optout.mxptint.net
URL: https://optout.mxptint.net/daastatus.ashx?rd=http://preferences-mgr.truste.com&participant_id=540&action_id=3

Verdicts & Comments Add Verdict or Comment

311 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medhelp.org/	1970-01-25 09:34:10	Name: guid Value: 47ba483d604b3c0be35cede860a03c9b74ae5805
www.medhelp.org/	1969-12-31 23:59:59	Name: mh_expt Value: 95
www.medhelp.org/	1969-12-31 23:59:59	Name: ccpa_qual Value: 1
.medhelp.org/	1970-01-19 22:05:51	Name: _medhelp_session Value: 739b68b4da1d805fbea4051ece3d572e
.medhelp.org/	1970-01-20 15:35:37	Name: s_fid Value: 099FCDA4F9ADCF1D-080855BA27CB99A0
.medhelp.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.medhelp.org/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
www.medhelp.org/	1969-12-31 23:59:59	Name: click_zone Value:
.medhelp.org/	1970-01-20 15:35:37	Name: s_vi Value: [CS]v1\|30B7816178629227-60001BE940908532[CE]
.medhelp.org/	1970-01-20 07:33:13	Name: usprivacy Value: 1---
prefmgr-cookie.truste-svc.net/	1970-01-19 22:04:25	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-19 22:04:25	Name: token_test Value: Tue Oct 19 2021 17:39:15 GMT+0000 (GMT)
.retargetly.com/	1970-01-20 02:23:37	Name: _rlid Value: 1ab9d924-2334-43ca-a241-170d47a25207
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3b7253c814c781a5
.p1.optout.agkn.com/	1969-12-31 23:59:59	Name: optout_token Value: qcDhtLSbliFmYOzFVuhtxEntlULcaDBMnEDcvOFJwToIkxWuSQPWFfvpAISwnpZB

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 540) Message: Mixed Content: The page at 'https://www.medhelp.org/' was loaded over HTTPS, but requested an insecure frame 'http://preferences-mgr.truste.com/token/540/1-1/mpi_token/'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.retargetly.com
bh.contextweb.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
img.webmd.com
my.ipredictive.com
optout.alphonso.tv
optout.crsspxl.com
optout.mxptint.net
optout.thrtle.com
p1.optout.agkn.com
preferences-mgr.truste.com
preferences.bluecava.com
prefmgr-cookie.truste-svc.net
px.owneriq.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssl.o.medhelp.org
use.fontawesome.com
www.googletagservices.com
www.medhelp.org
optout.mxptint.net
104.111.242.53
104.18.4.176
13.224.193.49
13.225.87.122
13.32.121.21
13.36.218.177
142.250.185.194
142.250.185.98
142.250.186.163
142.250.186.42
172.67.141.32
172.67.214.69
172.67.8.244
18.214.90.16
18.66.139.118
198.148.27.140
209.240.97.247
3.212.101.34
3.214.250.204
3.220.38.221
34.202.206.65
34.68.170.46
52.222.236.129
0dd36438fa18f3b2b6a01dc6a086a2a75e08d4fcb429402af280d0b66dce6c8c
11b761e8615df8cbd0cce24b7cf6e6e82e0690d7f34fb625f64f0aebc0dd244d
13b64eac810929d5c8a140f9a28ebec23c9b985399aa87e63789e68978751d0c
1b26143b592dd06b2c5f2dd1a0f15d4879ba64ba9a1eddcb7f467523f7b39e9f
1bab69cf2e5f1debc42bb69422da48a283e32be6d434986ac34dfa8fd9e9332c
25a97b6f96010411d7098a277fc392cf8fe4c024a5bb5ef44b9da7790f0c0022
29dc06ea201d0e4cbcc73a16d9b71ec95d0c583152e1263c9bc3dc171a24e58a
2fc144fae13962c0d391f4a75a0ec528c0aadd48b23acfdb0f296ffd7d339adc
31d8eaf65fe4de61e04a129bba517460d55d0b946b09ea89b481f924932f447d
35c5f61bf352a4472c27905ca5942fbffbbb3792aeff586380f60b6fc1bf539e
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
390b8e033cc07c4c47d9736679f157b548b612f84ab1e364478c58df3f4e2bdc
3a63b08cb83f8be89139d9fb7c61e75a23732097536f3edafb34ee3919dcf367
3c752a1ff8c8d87d82ae2f57146ac68f83228054d4637f224d4a442c04e4738a
3df9ac2352d880af649ed3edf9faf3957ebb5ead544731f0beac85852c3193e7
4ad970c9d9124a32bd600c6761c0b750ea232c876579ea9acb21260cff8f0f23
5800e94eff4cace964213d9ed0baef756f557477ee2e499f26d648762602c6da
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
632a3062eeb1f2004e8f051fd70a11013cd09540e9453eb8c0ecb7fd262ac8ff
63f76e7ee79e9402656c03764121e2f5c9151c95b2d592f951c7dc4917783c8b
6476de96f025b88e64b4c1ffbb75083dc3111120229e03dca5c6eeb7c40db794
687b57559a49ee51efde5e77ba0b04d77c8cdfbc5a0d2563bcf443e23cdb80bf
6ba42eb6e0bbd6aecdda086fe2daa8be80c10d45c1e320125f97b6d69f340776
75b9505ae007f8cc3bc1c5858b2010548ad36d39f1720b71be444a6238b4b8ba
7cba06fb1546569c8e85d06388cc984ee5e50a1d221119a7530d38f77812d2c1
8433cf0afa19d187f41e3608c6ee46b0a0ea47d87529162822e25d689dcab48a
8767b90b34450f819b366f82fae354d2ef1e473956127244915cc2b7dd34adb9
8891eedb325cdaa0450e0d27740ce5d80ce0e9c610555f74e7819dffbab75f3f
88d7e4dfc0c6596495db87af34f2568d1be1537e496ac62dc4891e5576d47f24
892af2ba7758cbe009692eb0bc3e5a3b0fa5a15925d309a0d1fca2c229934982
8e951be89401e9c38abcd215572437245d6432f713d0de7d26c35d0901a24508
8ecf9f99d66dfdac75a1147956d9a75fc5c908ad96e9cc256adcebb2645cde39
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
9349055d19bb021f44b01af60605f607bd8f102667c2761b52da08677ce34b15
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993f2549c3a055f445ac1cea5e9fe120486a42574637ca3fbb40a7bb2316cea0
9b907063de8094f07be8e867ac24038d5dae93135f2189acf5a30d6d6b139a28
9d611fea965db08b927f49f8f820814689670652e9a4bac5a826528c67c2fb54
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
bbce86ad96e041d59c4bbbf26a486cb04148d837ac62e8db781abaa5d2cfa6ee
bc1f23151d099b4b2db6c4fe9b1adf9c5e81941fc4a37c00b2dd3f038de0ce6a
c439907caa23776eb5cd32fed92b99308e7dd789fcceaae329130da9228c5be4
c64b212490927afa104ba153cd50c22a1d62b89684433c1cb04c423fbb7b737a
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8962c00b9572699f6f9a5318d1daea87eed271af1ddc9c7db7e51f286bd2211
cf7f72d16b9546274d8ca85efe62bd6bb759d68a9f5dfe76253d4122e1da7df8
d367560de53d283557b5b465ecb65c8527f73106b5435a42c630aa96223aec7e
d552741533bd2b763d29e5005b3ea08e98f57d6f5ba4a2539807e2391082a111
d5edff5a4c0480917679cc167d0770a12c4d1184368caeeb84204b81a14570de
dcb962175ff82e3c1fb17c7906d75887b7e4b3273a0060ddc8ecd5957a53657e
e21c1e726780a0d05b77f5e946caff702a76dd5f4415427270d6fde68b9810b9
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
ea946decdf3bce71e1bd43c48939d8a0bc62ea7fe1e6d3850bcdb941b669b959
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
edb378ec33f8cd7235d0d1451912782c10e64b73851b8005987dfbb2b24b0a1e
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ee9810611363446daad03f7592002b9aec94b71798db36898d554b61f5157ba4
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
ff7972cc3d2b673e12e2d3b4f1a3f486f8fd3e72f1358f1883e876efb25b66f4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.medhelp.org Open in urlscan Pro 172.67.141.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

0 %IPv6

21 Domains

24 Subdomains

15 IPs

2 Countries

1786 kBTransfer

4030 kBSize

15 Cookies

3 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.medhelp.org Open in urlscan Pro
172.67.141.32 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

0 %
IPv6

21
Domains

24
Subdomains

15
IPs

2
Countries

1786 kB
Transfer

4030 kB
Size

15
Cookies

72 HTTP transactions
0 data transactions