urlscan.io logo urlscan.io
SecurityTrails logo

msmedicine.com Open in urlscan Pro
35.208.45.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://davidwellslive.com/use
Effective URL: https://msmedicine.com/
Submission: On November 10 via manual from MY — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 46 HTTP transactions. The main IP is 35.208.45.140, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is msmedicine.com.
TLS certificate: Issued by R3 on November 5th 2021. Valid for: 3 months.
This is the only time msmedicine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    185.59.63.16 (United Kingdom)

ASN9009 (M247, GB)
davidwellslive.com
12    35.208.45.140 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 140.45.208.35.bc.googleusercontent.com
msmedicine.com
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
6    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
static.hotjar.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net
script.hotjar.com
1    143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net
vars.hotjar.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    63.32.233.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-233-146.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net
vc.hotjar.io
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
track.hubspot.com
Domain Requested by
12 msmedicine.com 1 redirects msmedicine.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net msmedicine.com
connect.facebook.net
3 www.googletagmanager.com msmedicine.com
www.googletagmanager.com
3 davidwellslive.com 2 redirects
2 forms.hubspot.com js.hscollectedforms.net
js.hsleadflows.net
2 www.facebook.com msmedicine.com
1 track.hubspot.com
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 fonts.googleapis.com ajax.googleapis.com
1 ajax.googleapis.com msmedicine.com
1 static.hotjar.com msmedicine.com
1 js.hs-scripts.com msmedicine.com
46 21

This site contains links to these domains. Also see Links.

Domain
www.msmedicine.com
www.linkedin.com
www.instagram.com
twitter.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
msmedicine.com
R3		 2021-11-05 -
2022-02-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-20 -
2021-11-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh

This page contains 3 frames:

Primary Page: https://msmedicine.com/
Frame ID: 5E1319EE9D740E0F6084A2BF9661DAB9
Requests: 46 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Frame ID: AE1216B3916E15655839D835C782E86C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 248BECCC4D7CC29CE90E3794611F2F27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Women's Primary Care | Concierge Women's Health | Ms.Medicine

Page URL History Show full URLs

  1. http://davidwellslive.com/use HTTP 301
    http://davidwellslive.com/use/ HTTP 302
    http://davidwellslive.com/use/check.php?newtoken=MTYzNjU3MDE0OWMzMzcwMmUxNjdjNzE1NDAwNTViMzY0NGRjYzhmN... Page URL
  2. https://msmedicine.com/home/ HTTP 301
    https://msmedicine.com/ Page URL

Page Statistics

46
Requests

98 %
HTTPS

65 %
IPv6

16
Domains

21
Subdomains

21
IPs

4
Countries

1376 kB
Transfer

4172 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://davidwellslive.com/use HTTP 301
    http://davidwellslive.com/use/ HTTP 302
    http://davidwellslive.com/use/check.php?newtoken=MTYzNjU3MDE0OWMzMzcwMmUxNjdjNzE1NDAwNTViMzY0NGRjYzhmNmE3ZDc4YmJmOTkwNWFhMWYwZTFlYzM4Yzc1NDQ1YjQ5MTg0YzY3NzdjOQ== Page URL
  2. https://msmedicine.com/home/ HTTP 301
    https://msmedicine.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://davidwellslive.com/use HTTP 301
  • http://davidwellslive.com/use/ HTTP 302
  • http://davidwellslive.com/use/check.php?newtoken=MTYzNjU3MDE0OWMzMzcwMmUxNjdjNzE1NDAwNTViMzY0NGRjYzhmNmE3ZDc4YmJmOTkwNWFhMWYwZTFlYzM4Yzc1NDQ1YjQ5MTg0YzY3NzdjOQ==

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
check.php
davidwellslive.com/use/
Redirect Chain
  • http://davidwellslive.com/use
  • http://davidwellslive.com/use/
  • http://davidwellslive.com/use/check.php?newtoken=MTYzNjU3MDE0OWMzMzcwMmUxNjdjNzE1NDAwNTViMzY0NGRjYzhmNmE3ZDc4YmJmOTkwNWFhMWYwZTFlYzM4Yzc1NDQ1YjQ5MTg0YzY3NzdjOQ==
195 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
http://davidwellslive.com/use/check.php?newtoken=MTYzNjU3MDE0OWMzMzcwMmUxNjdjNzE1NDAwNTViMzY0NGRjYzhmNmE3ZDc4YmJmOTkwNWFhMWYwZTFlYzM4Yzc1NDQ1YjQ5MTg0YzY3NzdjOQ==
Protocol
HTTP/1.1
Server
185.59.63.16 , United Kingdom, ASN9009 (M247, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx
Date
Wed, 10 Nov 2021 18:49:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 10 Nov 2021 18:49:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
check.php?newtoken=MTYzNjU3MDE0OWMzMzcwMmUxNjdjNzE1NDAwNTViMzY0NGRjYzhmNmE3ZDc4YmJmOTkwNWFhMWYwZTFlYzM4Yzc1NDQ1YjQ5MTg0YzY3NzdjOQ==
Strict-Transport-Security
max-age=31536000
Primary Request /
msmedicine.com/
Redirect Chain
  • https://msmedicine.com/home/?
  • https://msmedicine.com/
51 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4590a8e0a899b2443abbddeea532dc69454891731ca7981238ea17a2f921b338

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://davidwellslive.com/

Response headers

server
nginx
date
Wed, 10 Nov 2021 18:49:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://msmedicine.com/wp-json/>; rel="https://api.w.org/", <https://msmedicine.com/wp-json/wp/v2/pages/25576>; rel="alternate"; type="application/json", <https://msmedicine.com/>; rel=shortlink
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
content-encoding
br

Redirect headers

server
nginx
date
Wed, 10 Nov 2021 18:49:10 GMT
content-type
text/html; charset=UTF-8
location
https://msmedicine.com/
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
x-redirect-by
WordPress
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
autoptimize_3ccafd9bc5c0c00f7769f9d021d5126f.css
msmedicine.com/wp-content/cache/autoptimize/css/ 		834 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-content/cache/autoptimize/css/autoptimize_3ccafd9bc5c0c00f7769f9d021d5126f.css
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3c3bd99790506ffc1957de030daec642788fbe73f3695bcaf4344435963cdb68

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
last-modified
Tue, 26 Oct 2021 16:46:26 GMT
server
nginx
etag
W/"d0891-5cf4437f39c28"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-httpd
1
expires
Sun, 16 Oct 2022 17:03:04 GMT
cache-control
max-age=30672000, public, immutable
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-83295550-7
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d1c9b9b5f75f986db78890b383a65ed3e9e5c13f5f4fe99d3ff287630948893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Nov 2021 18:49:11 GMT
jquery.min.js
msmedicine.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 02:51:30 GMT
server
nginx
etag
W/"15db1-5cda6392862d2"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6MEMRFVRF
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c21e378e74ad2d1f5bdaab545bbfce94e31fdefec6d454455d06a30ab0e1928
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61675
x-xss-protection
0
expires
Wed, 10 Nov 2021 18:49:11 GMT
lazysizes.min.js
msmedicine.com/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 02:50:16 GMT
server
nginx
etag
W/"2655-5cda634c078fb"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
6296476.js
js.hs-scripts.com/ 		2 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/6296476.js?integration=WordPress
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74db448a6071ee7a51f9832d326b62dbdd1852c7b518b53dd56240d820596070

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-hubspot-correlation-id
b6f2fbc1-a30c-4992-ac80-9dfc3f911a12
last-modified
Wed, 10 Nov 2021 18:49:11 GMT
server
cloudflare
x-trace
2B0359610A882860A543DA455CB5406F1E6358AC45000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://msmedicine.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6ac17597ff53f91f-MXP
expires
Wed, 10 Nov 2021 18:50:11 GMT
autoptimize_dd43c73d0920e5f70cc41c31cf6033d9.js
msmedicine.com/wp-content/cache/autoptimize/js/ 		688 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-content/cache/autoptimize/js/autoptimize_dd43c73d0920e5f70cc41c31cf6033d9.js
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8a786eb1632ae0ee19e12591310600c066da53b54dbe77a7b2c59c82d456b27d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
last-modified
Tue, 26 Oct 2021 16:46:26 GMT
server
nginx
etag
W/"ac037-5cf4437f2a60a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-httpd
1
expires
Sun, 16 Oct 2022 17:03:04 GMT
cache-control
max-age=30672000, public, immutable
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-83295550-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2917
date
Wed, 10 Nov 2021 18:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Nov 2021 20:00:34 GMT
wp-emoji-release.min.js
msmedicine.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 02:51:30 GMT
server
nginx
etag
W/"4705-5cda639286e8b"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
hotjar-1933004.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1933004.js?sv=5
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash
af043c9922a2128816ed09ced1d35916d979f4f5d31d827e1906a0c1d1a2e09c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/e5c583ed160162db39f3f005a5e0cf56
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
pQD36p8zv4mFgzS7QtVm5MxW83TbsI-Ups-mMSxsNx9tUl4RBCxzsQ==
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
RiVmAUc380iFQgQF6QAmms3Xe1ZX5R0+pwTVOUbTuSgvmiLA9YoFJVEfCa0hnekynixejfIJPb3Lehsc1ih1QQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 10 Nov 2021 18:49:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 07:34:13 GMT
x-content-type-options
nosniff
age
472498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13188
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 05 Nov 2022 07:34:13 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0540314a79dcc90926fe1eb30d41de3d19cc0580fc62d22c8236541a88500d1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-brands-400.woff2
msmedicine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/wp-content/cache/autoptimize/css/autoptimize_3ccafd9bc5c0c00f7769f9d021d5126f.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://msmedicine.com/wp-content/cache/autoptimize/css/autoptimize_3ccafd9bc5c0c00f7769f9d021d5126f.css
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
last-modified
Wed, 06 Oct 2021 02:50:11 GMT
server
nginx
etag
"12bdc-5cda634718fdd"
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
76764
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y6MEMRFVRF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-83295550-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbec22d82437f484636d7e594d3dccd374547b0740f20e75655d171ec02d3143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61693
x-xss-protection
0
expires
Wed, 10 Nov 2021 18:49:11 GMT
collect
www.google-analytics.com/g/ 		0
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6MEMRFVRF&gtm=2oeb80&_p=1570852009&sr=1600x1200&gdid=dZGIzZG&ul=en-us&cid=341489132.1636570152&_s=1&dl=https%3A%2F%2Fmsmedicine.com%2F&dr=http%3A%2F%2Fdavidwellslive.com%2F&dt=Women%27s%20Primary%20Care%20%7C%20Concierge%20Women%27s%20Health%20%7C%20Ms.Medicine&sid=1636570151&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6MEMRFVRF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://msmedicine.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 18:49:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://msmedicine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MM-Logo-New_2020.svg
msmedicine.com/wp-content/uploads/2019/03/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msmedicine.com/wp-content/uploads/2019/03/MM-Logo-New_2020.svg
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
56dcecacb222104aea655e3c65af4ff95caca70cf3426cb1e0d2f69660baa914

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
content-encoding
br
last-modified
Wed, 08 Jul 2020 22:40:08 GMT
server
nginx
etag
W/"3037-5a9f5ca3b0d19"
vary
Accept-Encoding
content-type
image/svg+xml
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
1-hero.jpg
msmedicine.com/wp-content/uploads/2021/07/ 		245 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msmedicine.com/wp-content/uploads/2021/07/1-hero.jpg
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5874d40b50e090bae13a86eb3c0386e2618eb35a332057fa0b98be3d8b5a0ba5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:11 GMT
last-modified
Fri, 23 Jul 2021 02:41:21 GMT
server
nginx
etag
"3d548-5c7c156c48980"
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
251208
x-proxy-cache
HIT
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKarla:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c1494468dc0bec5d12c6f37124fb84f035a76cdacc1943fd188ae14aca3f3d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:49:11 GMT
server
ESF
date
Wed, 10 Nov 2021 18:49:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 18:49:11 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
lmFYznIiEjR9ABBAdsawtGvtEgsbfp7ba221jXV1qVvtG9NOOC+xutCgqQZhkYoJmlPPhePugdNm0V7friSdWA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 10 Nov 2021 18:49:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
223497126082850
connect.facebook.net/signals/config/ 		305 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/223497126082850?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30902e9af1f180907c0bb1d3530720c4e82a2e1f702f1b54894a6376c2403d4f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
jeEA3ElWkP5cXcKfByhlTRue1kFKsxzfw5bFWk3OPRrDQgr+9VR0krqEre00ewIIH1HxPAHU7e0K/nC18wh61w==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 10 Nov 2021 18:49:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 10 Nov 2021 19:34:30 GMT
modules.dad547d55d09325865c9.js
script.hotjar.com/ 		224 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.dad547d55d09325865c9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1933004.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-39.fra50.r.cloudfront.net
Software
/
Resource Hash
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 17:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
4985
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60319
access-control-allow-origin
*
last-modified
Wed, 10 Nov 2021 17:25:15 GMT
etag
"20ec4d522a02fcf0254cd43ea667f540"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
UvCFp3BtLDBWrhFaDawGmLYDGodKp89tBA09Iq1P5KAX9YDWNxc-bA==
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1570852009&t=pageview&_s=1&dl=https%3A%2F%2Fmsmedicine.com%2F&dr=http%3A%2F%2Fdavidwellslive.com%2F&ul=en-us&de=UTF-8&dt=Women%27s%20Primary%20Care%20%7C%20Concierge%20Women%27s%20Health%20%7C%20Ms.Medicine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAAC~&jid=1265047424&gjid=1658174146&cid=341489132.1636570152&tid=UA-83295550-7&_gid=1076458656.1636570152&_r=1&gtm=2oub80&did=dZGIzZG&gdid=dZGIzZG&z=70704111
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://msmedicine.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 18:49:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://msmedicine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-028f986f575e1b13474634857daa6bfc.html
vars.hotjar.com/ Frame AE12 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1933004.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-123.fra50.r.cloudfront.net
Software
/
Resource Hash
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:14 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"1502011b9c345a816e17e09cda9762e1"
last-modified
Wed, 20 Oct 2021 10:53:36 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
eAWklzEXDinjabZGG677MA1g9oFy0JjY9s3kUajjb-9Krpp-RF4pyg==
age
189837
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKarla:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 16:15:59 GMT
x-content-type-options
nosniff
age
527592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 16:15:59 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKarla:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 22:04:31 GMT
x-content-type-options
nosniff
age
593080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 03 Nov 2022 22:04:31 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKarla:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 17:53:46 GMT
x-content-type-options
nosniff
age
89725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 17:53:46 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKarla:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 05:28:19 GMT
x-content-type-options
nosniff
age
480052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8656
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 05:28:19 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CKarla:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:32:05 GMT
x-content-type-options
nosniff
age
134226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 05:32:05 GMT
fa-solid-900.woff2
msmedicine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/wp-content/cache/autoptimize/css/autoptimize_3ccafd9bc5c0c00f7769f9d021d5126f.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://msmedicine.com/wp-content/cache/autoptimize/css/autoptimize_3ccafd9bc5c0c00f7769f9d021d5126f.css
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
last-modified
Wed, 06 Oct 2021 02:50:11 GMT
server
nginx
etag
"13174-5cda6347197ae"
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
78196
x-proxy-cache
HIT
eicons.woff2
msmedicine.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://msmedicine.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.208.45.140 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.45.208.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
772a939fe72b662d152060e58932d5a64a8eeb3ec32c39335da803ad4e5d4ca8

Request headers

Referer
https://msmedicine.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
last-modified
Wed, 06 Oct 2021 02:50:11 GMT
server
nginx
etag
"15d64-5cda634717485"
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
89444
x-proxy-cache
HIT
leadflows.js
js.hsleadflows.net/ 		537 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6296476.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38803f733f36ff943399e6539b7fe1fa26611706ce6878b5b21c6a4f96ec862

Request headers

Referer
https://msmedicine.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
via
1.1 0920aeb1eced22df07c9ece1cab0a555.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
16051
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1056/bundle/main/lead-flows-release.js&cfRay=6abfedb96f8f5a1f-MXP
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6ac1759adab63746-MXP
last-modified
Thu, 23 Sep 2021 09:11:54 UTC
server
cloudflare
etag
W/"9af442c5acbde436228f228f7502bfc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
BdP6Nyyw4.FdbyHhgb7cfRPPJ2MC6STP
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
2ehyO-9Ql_37H8HJMhmnHxcQgjy4HH8cjRIQW_Ba3CMSAToM-Z45BQ==
x-hs-target-asset
lead-flows-js/static-1.1056/bundle/main/lead-flows-release.js
collectedforms.js
js.hscollectedforms.net/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6296476.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e8f49ce2aa1c4720cc187c184c8d800182aea43645aa3193c0614703d0c8f4

Request headers

Referer
https://msmedicine.com/
Origin
https://msmedicine.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
via
1.1 3d65275b81abaf880be10de6f2c71e9b.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
MISS
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.247/bundles/project.js&cfRay=6ac1759adfdf375c-EWR
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6ac1759adfdf375c-MXP
last-modified
Tue, 28 Sep 2021 10:08:32 UTC
server
cloudflare
etag
W/"a5dc58d02593ddd2c3c6bbe2230fc074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
s1CYAXlTSydz_cSjotzU3Em8FOsfSJIb
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
B_vbi8f6BHndnh_DCh2Ux9sKYbjpWUmrCiI55ilcDysDhZTRy7avkA==
x-hs-target-asset
collected-forms-embed-js/static-1.247/bundles/project.js
6296476.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/6296476.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6296476.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a960ba7689ccb240a57e800e0d61126df9018e57a9cdb62001375c861b392d4b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
7XZQN30AVSVDF7V0
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
sGJXxQITZvBg2wZ5gOkJB2/ojBXee2fSVm3t/a3f8/daW1owlWpRvcYKCo2+7ZPm17VLhgka3z4=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 20:32:46 GMT
server
cloudflare
etag
W/"2c7bb562f908b2719f8b898e1855018d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
BwUrSF0zJ7uF4coJko2cDo_9OE9.M6_W
access-control-allow-origin
https://msmedicine.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6ac1759adbe00e1a-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 10 Nov 2021 18:54:12 GMT
6296476.js
js.hs-analytics.net/analytics/1636569900000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1636569900000/6296476.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6296476.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0433ab54f178a643c264b52a1283c8a4bee0258e6b1cf5e445d72c44a854da

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
7XZW2PY63N3QDC2Q
x-amz-server-side-encryption
AES256
cf-ray
6ac1759ad8095a31-MXP
x-amz-id-2
e96XJgrdDkxDVaQ4w+/ndWiiZ22Wtxe21WPc7qlrOSXdM4fbSaSPtdS62nOfjkU2TePHMK65clU=
last-modified
Fri, 13 Aug 2021 16:03:50 GMT
server
cloudflare
etag
W/"71f84c73ffffd951134b7e09476ae2c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Wed, 10 Nov 2021 18:54:12 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=223497126082850&ev=PageView&dl=https%3A%2F%2Fmsmedicine.com%2F&rl=http%3A%2F%2Fdavidwellslive.com%2F&if=false&ts=1636570151958&sw=1600&sh=1200&v=2.9.48&r=stable&a=wordpress-5.8.1-3.0.6&ec=0&o=30&fbp=fb.1.1636570151957.1445488963&it=1636570151639&coo=false&rqm=GET
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 10 Nov 2021 18:49:12 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1933004/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1933004/visit-data?sv=5
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.dad547d55d09325865c9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.233.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-233-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243

Request headers

Referer
https://msmedicine.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1933004
vc.hotjar.io/sessions/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1933004?s=0.25&r=0.15589402506253758
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.dad547d55d09325865c9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
hyBEQlg4Nd9IuoB7OZPaiwlTVUapSaxgVeD9dwgV6ENjKkvg_wlENw==
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=6296476&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04ae115d868f662289ca960c9482e7ee42831ada37c053f08fb164b06bbf6e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://msmedicine.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
e2ba1123-3845-4e7d-8616-a745c11d3f52
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5PyXk2WSnzg45h9v3CIvtOBr0papkwxxGH8UgfN%2Fr8SHAHnMAIG3RCL8WmQBgqfpM4vFZcMjBtGgOdHyKBnruuRg58FVjc8oozDhT67tcoIAXA1NFieIdbHZMUNDdaD9INjXQYTxEg320UnHHxt"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://msmedicine.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
6ac1759dea233746-MXP
access-control-allow-headers
*
/
www.facebook.com/tr/ Frame 248B 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: msmedicine.com
URL: https://msmedicine.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://msmedicine.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://msmedicine.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
date
Wed, 10 Nov 2021 18:49:12 GMT
__ptq.gif
track.hubspot.com/ 		45 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2427650321&v=1.1&a=6296476&ct=standard-page&rcu=https%3A%2F%2Fmsmedicine.com%2F&r=http%3A%2F%2Fdavidwellslive.com%2F&pu=https%3A%2F%2Fmsmedicine.com%2F&t=Women%27s+Primary+Care+%7C+Concierge+Women%27s+Health+%7C+Ms.Medicine&cts=1636570152748&vi=1b664873e8857257089dbb5296aa2bfd&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:13 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
723ad8fc-fe9e-4d79-beda-24298decadb4
cf-ray
6ac1759ffba25995-MXP
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pty46SBGbjm5UfU3xHsa6qsEQG9Ss1XXjxKvX8E%2F9vwVo%2BZlUA2aGOK47GPPpBQQbW%2FWvxMEOvW%2FyLbsD1qyblqgAU51ydqQggB6B3Dr8DYw624ssQ%2FSiIac6v%2B0Z6S%2FdlNjk7SSiyTowN5OL8%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1570852009&t=timing&_s=2&dl=https%3A%2F%2Fmsmedicine.com%2F&dr=http%3A%2F%2Fdavidwellslive.com%2F&ul=en-us&de=UTF-8&dt=Women%27s%20Primary%20Care%20%7C%20Concierge%20Women%27s%20Health%20%7C%20Ms.Medicine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3403&pdt=3&dns=0&rrt=1432&srt=146&tcp=0&dit=2198&clt=2502&_gst=2094&_gbt=2313&_cst=2089&_cbt=1844&_u=aCDAAUIhAAAAAC~&jid=&gjid=&cid=341489132.1636570152&tid=UA-83295550-7&_gid=1076458656.1636570152&gtm=2oub80&z=830225440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 04:49:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50368
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
json
forms.hubspot.com/lead-flows-config/v1/config/ 		167 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6296476&utk=1b664873e8857257089dbb5296aa2bfd&__hstc=29134307.1b664873e8857257089dbb5296aa2bfd.1636570152741.1636570152741.1636570152741.1&__hssc=29134307.1.1636570152742&referrer=http%3A%2F%2Fdavidwellslive.com%2F&currentUrl=https%3A%2F%2Fmsmedicine.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f909663bce7c22593a2979b23bc8b04c65bf93e602c2ef1a00767f9c699e14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://msmedicine.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0f17542c-8f23-4500-b4cc-f10c6a3d8b50
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHgN%2BXhcALTBmwYD49B9HD%2FeU8fHCJ47giKuFPwuZxFzKxAR50fhyOIKHHteXX8z0mjnSQE0JApeDNq4QbeMWSDpk%2FwSQLpjhNeglbX4wZ%2Bo51k%2BWSQIadb%2F6DnlWs9vF1jSRsiYUm46WsRIPsqb"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://msmedicine.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6ac1759f3d7e3746-MXP
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y6MEMRFVRF&gtm=2oeb80&_p=1570852009&sr=1600x1200&gdid=dZGIzZG&ul=en-us&cid=341489132.1636570152&_s=2&dl=https%3A%2F%2Fmsmedicine.com%2F&dr=http%3A%2F%2Fdavidwellslive.com%2F&dt=Women%27s%20Primary%20Care%20%7C%20Concierge%20Women%27s%20Health%20%7C%20Ms.Medicine&sid=1636570151&sct=1&seg=0&en=optimize.callback&_et=457&ep.callback=function(e%2Ct%2Cn)%7Bhj.log.debug(%22Experiment%20with%20ID%3A%20%22.concat(t%2C%22%20is%20on%20variant%3A%20%22).concat(e)%2C%22integrations.google_optimize%22)%2Chj.event.signal(%22exp.go%22%2C%7BexperimentId%3At%2CvariantId%3Ae%2CcontainerId%3An%7D)%7D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y6MEMRFVRF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://msmedicine.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 18:49:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://msmedicine.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| WebFontConfig object| google_tag_manager object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| MonsterInsightsDualTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| monsterinsights_frontend undefined| $ function| jQuery object| _hsq object| hbspt function| hj object| _hjSettings function| fbq function| _fbq object| lazySizesConfig object| leadin_wordpress object| ElementorProFrontendConfig object| elementorFrontendConfig object| gaGlobal function| onYouTubeIframeAPIReady object| lazySizes object| WebFont object| gaplugins object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| twemoji object| wp function| MonsterInsights object| MonsterInsightsObject function| a object| ___FONT_AWESOME___ object| fontawesome-free-shims object| Foundation object| addComment object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| core object| elementorProFrontend function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontend object| regeneratorRuntime function| Sticky object| _hsp object| globalRoot undefined| hns function| bindToWindowOnError function| defineProperties object| leadflows object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran boolean| LEAD_FLOW_DOCUMENT_READY_RAN

16 Cookies

Domain/Path Name / Value
davidwellslive.com/ Name: PHPSESSID
Value: 8ksqt4b24haupj6ms57ndvi1su
.msmedicine.com/ Name: _ga
Value: GA1.2.341489132.1636570152
.msmedicine.com/ Name: _gid
Value: GA1.2.1076458656.1636570152
.msmedicine.com/ Name: _gat_gtag_UA_83295550_7
Value: 1
.msmedicine.com/ Name: _hjid
Value: 3a245221-1b0b-4bdd-a96d-a6eaaf9eb426
.msmedicine.com/ Name: _hjFirstSeen
Value: 1
.msmedicine.com/ Name: _fbp
Value: fb.1.1636570151957.1445488963
msmedicine.com/ Name: _hjIncludedInPageviewSample
Value: 1
.msmedicine.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.msmedicine.com/ Name: _ga_Y6MEMRFVRF
Value: GS1.1.1636570151.1.0.1636570152.0
.facebook.com/ Name: fr
Value: 0wE3rtdK2AJB70Jxs..BhjBQo...1.0.BhjBQo.
.msmedicine.com/ Name: __hstc
Value: 29134307.1b664873e8857257089dbb5296aa2bfd.1636570152741.1636570152741.1636570152741.1
.msmedicine.com/ Name: hubspotutk
Value: 1b664873e8857257089dbb5296aa2bfd
.msmedicine.com/ Name: __hssrc
Value: 1
.msmedicine.com/ Name: __hssc
Value: 29134307.1.1636570152742
.hubspot.com/ Name: __cf_bm
Value: x9z_bdWU2IcIZizsi13w3fE7AhqIbe6lXK.oprfpgjI-1636570153-0-ASyvGV/QpX06GGZTE24e3Uu4SG1iv6byNn9dz7U+SckgUbaYv87ZsFaynTxnojlzIPHoJUWzJdnnhxc7vJ4AVjY=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
davidwellslive.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsleadflows.net
msmedicine.com
script.hotjar.com
static.hotjar.com
track.hubspot.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
143.204.98.123
143.204.98.32
143.204.98.39
143.204.98.76
185.59.63.16
2606:4700::6811:45b0
2606:4700::6811:82ab
2606:4700::6811:d4cc
2606:4700::6811:e9cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82f::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.208.45.140
63.32.233.146
0d1c9b9b5f75f986db78890b383a65ed3e9e5c13f5f4fe99d3ff287630948893
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c21e378e74ad2d1f5bdaab545bbfce94e31fdefec6d454455d06a30ab0e1928
1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243
30902e9af1f180907c0bb1d3530720c4e82a2e1f702f1b54894a6376c2403d4f
3c3bd99790506ffc1957de030daec642788fbe73f3695bcaf4344435963cdb68
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4590a8e0a899b2443abbddeea532dc69454891731ca7981238ea17a2f921b338
56dcecacb222104aea655e3c65af4ff95caca70cf3426cb1e0d2f69660baa914
5874d40b50e090bae13a86eb3c0386e2618eb35a332057fa0b98be3d8b5a0ba5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f909663bce7c22593a2979b23bc8b04c65bf93e602c2ef1a00767f9c699e14b
74db448a6071ee7a51f9832d326b62dbdd1852c7b518b53dd56240d820596070
772a939fe72b662d152060e58932d5a64a8eeb3ec32c39335da803ad4e5d4ca8
7c0433ab54f178a643c264b52a1283c8a4bee0258e6b1cf5e445d72c44a854da
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a786eb1632ae0ee19e12591310600c066da53b54dbe77a7b2c59c82d456b27d
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9c1494468dc0bec5d12c6f37124fb84f035a76cdacc1943fd188ae14aca3f3d8
a0e8f49ce2aa1c4720cc187c184c8d800182aea43645aa3193c0614703d0c8f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a960ba7689ccb240a57e800e0d61126df9018e57a9cdb62001375c861b392d4b
af043c9922a2128816ed09ced1d35916d979f4f5d31d827e1906a0c1d1a2e09c
b04ae115d868f662289ca960c9482e7ee42831ada37c053f08fb164b06bbf6e6
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b38803f733f36ff943399e6539b7fe1fa26611706ce6878b5b21c6a4f96ec862
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0540314a79dcc90926fe1eb30d41de3d19cc0580fc62d22c8236541a88500d1
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cbec22d82437f484636d7e594d3dccd374547b0740f20e75655d171ec02d3143
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5