www.medicaresearcher.com Open in urlscan Pro
18.173.187.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.medicaresearcher.com/v_medsear_x15/step2.html
Submission: On September 13 via manual (September 13th 2023, 3:39:02 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 49 HTTP transactions. The main IP is 18.173.187.95, located in United States and belongs to AMAZON-02, US. The main domain is www.medicaresearcher.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 4th 2023. Valid for: a year.

This is the only time www.medicaresearcher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	18.173.187.95 18.173.187.95	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 6	44.196.195.84 44.196.195.84	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:26d... 2600:9000:26db:f600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.188.78 18.66.188.78	16509 (AMAZON-02) (AMAZON-02)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	3.226.176.119 3.226.176.119	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	18.173.184.195 18.173.184.195	16509 (AMAZON-02) (AMAZON-02)
1	34.194.117.67 34.194.117.67	14618 (AMAZON-AES) (AMAZON-AES)
49	18

17 18.173.187.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-95.muc50.r.cloudfront.net

www.medicaresearcher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.196.195.84 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-195-84.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:f600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.188.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-78.muc50.r.cloudfront.net

d1tprjo2w7krrh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.226.176.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-176-119.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.184.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-184-195.muc50.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.117.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-117-67.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	medicaresearcher.com www.medicaresearcher.com	233 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 27519 cdn.trustedform.com — Cisco Umbrella Rank: 32630	42 KB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 16882	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	21 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 419 fonts.googleapis.com — Cisco Umbrella Rank: 56	176 KB
2	cloudfront.net d1tprjo2w7krrh.cloudfront.net d2m2wsoho8qq12.cloudfront.net	126 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	172 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3854	2 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 17926	2 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5616	297 B
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 10237	21 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3751	8 KB
49	13

	Domain	Requested by
17	www.medicaresearcher.com	www.medicaresearcher.com ajax.googleapis.com
7	create.leadid.com	d1tprjo2w7krrh.cloudfront.net deviceid.trueleadid.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.trustedform.com	www.medicaresearcher.com api.trustedform.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.medicaresearcher.com www.google-analytics.com
2	dev.visualwebsiteoptimizer.com	www.medicaresearcher.com
2	ajax.googleapis.com	www.medicaresearcher.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	d1tprjo2w7krrh.cloudfront.net
1	region1.google-analytics.com	www.googletagmanager.com
1	hexagon-analytics.com	www.medicaresearcher.com
1	d1tprjo2w7krrh.cloudfront.net	www.medicaresearcher.com
1	cdn.siftscience.com	www.medicaresearcher.com
1	fonts.googleapis.com	www.medicaresearcher.com
1	netdna.bootstrapcdn.com	www.medicaresearcher.com
49	17

This site contains links to these domains. Also see Links.

Domain
privacyportal-cdn.cookiepro.com
www.allaboutcookies.org
leginfo.legislature.ca.gov
privacyportal.cookiepro.com

Subject Issuer	Validity	Valid
medicaresearcher.com Amazon RSA 2048 M01	`2023-09-04` - `2024-10-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.siftscience.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-02-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-12-01`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Frame ID: 4E9AC5140C1CF79CE9A4D3BDEDB24690
Requests: 46 HTTP requests in this frame

Frame: https://www.medicaresearcher.com/consumer/pixels.php?page=2
Frame ID: 09082D8F2578CE6ADC1D7A9D6C862098
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A3744457-62C3-DAB6-2C35-37D1764142AA&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&lac=F6A97670-85B6-6871-F5AC-BBA6473267E7
Frame ID: 62C256A6988D34CBE280B9849772C5C8
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=A3744457-62C3-DAB6-2C35-37D1764142AA&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&lac=F6A97670-85B6-6871-F5AC-BBA6473267E7
Frame ID: FDE0224933FA0A742494D336DFDCBBDA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedicareSearcher

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

47 %
IPv6

13
Domains

17
Subdomains

18
IPs

2
Countries

864 kB
Transfer

1525 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://privacyportal-cdn.cookiepro.com/dsarwebform/ecd5f370-50ae-428c-8fdb-6ea08e183d40/4ac0fcb1-64bb-44c6-9a7d-21ccc7deba6a.html
Title: Data Request

Search URL Search Domain Scan URL

URL: http://www.allaboutcookies.org/
Title: http://www.allaboutcookies.org.

Search URL Search Domain Scan URL

URL: https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=3.&part=4.&lawCode=CIV&title=1.81.5
Title: California Consumer privacy Act of 2018 (the CCPA) and the California Privacy Rights Act of 2020

Search URL Search Domain Scan URL

URL: https://privacyportal.cookiepro.com/webform/ecd5f370-50ae-428c-8fdb-6ea08e183d40/4ac0fcb1-64bb-44c6-9a7d-21ccc7deba6a
Title: PII Report Request

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request step2.html Show response
www.medicaresearcher.com/v_medsear_x15/ 15 KB
5 KB 83ms
30ms Document
text/html 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02bf6e905d4625f5ad7fccf3b85ebe5093c0f7c7f14ca5385b4d2c4d802b553c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16689
content-encoding: gzip
content-type: text/html
date: Wed, 13 Sep 2023 11:00:48 GMT
etag: W/"bb4372d09d7c5a188177d5fef7ccee99"
last-modified: Mon, 03 Jul 2023 14:37:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
x-amz-cf-id: sC2E_ZU9vGhLI65Bj5eaW0dHatU4Git-s2Fc34Y0dExM00AAodQcNA==
x-amz-cf-pop: MUC50-P4
x-cache: Hit from cloudfront

GET
H2 200 bootstrap.min.css
www.medicaresearcher.com/shared/css/ 98 KB
17 KB 32ms
32ms Stylesheet
text/css 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/shared/css/bootstrap.min.css
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f68c098349cbf9fd3876d9291f5dca588b7a12f7a528de9735d4299efefefb16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 11:00:26 GMT
content-encoding: gzip
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2019 18:43:17 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 16711
etag: W/"2043f0a5079419f3de9d411d9d8489d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: GXLP3yd9X2JlT6pVrdIOQig9lziPpwP7Z94MlNIZEY5-OiIcQ_2RrA==

GET
H2 200 styles.css
www.medicaresearcher.com/shared/css/ 9 KB
3 KB 204ms
204ms Stylesheet
text/css 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/shared/css/styles.css
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eee6e18fe75c00b9ba74824d1a809348d3473254d9ae137c9b0ebcd8522e346e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
content-encoding: gzip
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 16:51:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: W/"4e383803aafa5f98a98d257a067f118d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: puLFGovinabivOl_1gPHCNWhwxGKf7RQKnuenxSqAQnwWW_bkmUNiA==

GET
H2 200 styles.css
www.medicaresearcher.com/v_medsear_x15/css/ 18 KB
4 KB 173ms
172ms Stylesheet
text/css 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/v_medsear_x15/css/styles.css
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f728c6905bc434cb084ed965726f69fcbabe28a013223142cbf5ccafa436debd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
content-encoding: gzip
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 20:30:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: W/"d105dd655eb1f8c927374bc4b29a56ed"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: 7m3u71WvwgLRp_uIfkgNuu_b-zlt9dSJNKISnu5lg228a-k4sWPQSg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
96 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:49:35 GMT
x-content-type-options: nosniff
age: 463761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 06:49:35 GMT

GET
H2 200 js.php Show response
www.medicaresearcher.com/consumer/ 30 KB
30 KB 258ms
256ms Script
text/javascript 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/js.php?form_id=480&js_version=2&ab_testing=&geo_lookup=&tcpa=&ajax_pageload=&dl_validate=&provision_number=&scroll_top=&terms_conditions=&privacy_policy=&unsubscribe_modal=&phone_masked_input=&full_name=&marketing_partners=
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: 2a81d6908dcb3ecb31cb750b3bf74fb0f6a21dd314fe1cb0411ce059385eebf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:56 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
x-powered-by: PHP/7.3.4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: 0iWkcMADVbij_04IgYF-CRGPbkjTLqlH5B8Fbp3Hmvbl8LuCqjVKqg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sitelogo-black.png
www.medicaresearcher.com/v_medsear_x15/images/ 23 KB
23 KB 227ms
225ms Image
image/png 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medicaresearcher.com/v_medsear_x15/images/sitelogo-black.png
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae8d5cc99223599dfd5d375e2980e1171081bcd41c54d70a42a0b65ef6f5a1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 20:30:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: "963cc36b22d128b77f5e4a61f1bec9d9"
x-cache: Miss from cloudfront
content-type: image/png
content-length: 23134
x-amz-cf-id: 8uDZwZXCK7xIv55Beqi8YNsYzdwrSgD_Jdg5fpc8zBQioNEkMwI6Jg==

GET
H2 200 progress-heart.png
www.medicaresearcher.com/v_medsear_x15/images/ 2 KB
2 KB 25ms
23ms Image
image/png 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medicaresearcher.com/v_medsear_x15/images/progress-heart.png
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d56c4dab5342d56a89b477224f4cb893bc8208fe6bceaa4256b175bceb740ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 11:00:48 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Mon, 01 Nov 2021 22:07:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 16689
etag: "2eeab22ee229274bcb0553ff0b717d70"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 1602
x-amz-cf-id: QMPPL9iI8obaKmBmISWfHJ9dxg5HG6QoO-rLYCFGLil_bWVazLxAmw==

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.0.8/ 80 KB
80 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28ec298a331f5700efdfc81ca49823437441b27df26da43f7041dda25629f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 14:10:29 GMT
x-content-type-options: nosniff
age: 178107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81447
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 14:10:29 GMT

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.1.1/js/ 28 KB
8 KB 55ms
23ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js?ver=3.1.1

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 711, 718, 718
age: 12017398
cdn-cachedat: 2021-06-04 13:23:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4b620bf477ad795b99fe95baa66bcbef
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 80617ae8aa1a39ee-FRA
cdn-requestpullsuccess: True

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 4 KB
2 KB 62ms
23ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=351829&url=https%3A%2F%2Fwww.medicaresearcher.com%2Fv_medsear_x15%2Fstep2.html&random=0.9349898603093438
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: d9b589d4f569adfe6e2c52d4a184def00a1d91f0efb2ba578c514c7957002474

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 13 Sep 2023 15:38:56 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 137ms
136ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=351829&d=medicaresearcher.com&u=D49F405F6BF2200DFAB3CEFB5015E8EFA&h=f8186a136e1b31ba26b9e44b5c4ff344&r=0.07676843488853735

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:55 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
850 B 131ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Sep 2023 15:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 14:15:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Sep 2023 15:38:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
91 KB 161ms
77ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9HSR7N

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de428c5c267ede50fb69d3b61fee4332e3e23b3ce69862229ebf3549ab5148ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92555
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Sep 2023 15:38:57 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medicaresearcher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 06:54:44 GMT
x-content-type-options: nosniff
age: 117853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 06:54:44 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 160ms
75ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medicaresearcher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 561611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2024 03:38:46 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false

8 KB
3 KB

284ms
229ms

Script
application/javascript

2600:9000:26db:f600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: H2
Server: 2600:9000:26db:f600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67f12cf93a1cc9362434e6e7c8e85c4bcd6e3a2581a72151db419fe5c80cc172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:58 GMT
x-amz-version-id: VYbEY.MiInIC2XBLlwPznUQVcKJYQghU
content-encoding: gzip
last-modified: Fri, 25 Aug 2023 18:26:50 GMT
server: AmazonS3
via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
etag: W/"d94453f100706b5b82570d14e8faab14"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: EWlF9fEbmkZtNOD71fWgA1Pz0MBGrMxLOkBj9HorkEAwn9eAR6u9mA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false
date: Wed, 13 Sep 2023 15:38:57 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 contact_form.html Show response
www.medicaresearcher.com/consumer/templates/ 5 KB
2 KB 209ms
209ms XHR
text/html 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/templates/contact_form.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 /
Resource Hash: 3dbca5f65a3cb8c1bddb622045599953d3e6872095192e61e2cda88cf2cb0287

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
content-encoding: gzip
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 12:32:46 GMT
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
etag: W/"6501abee-150d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
x-amz-cf-id: 5PZNs7CbhnQnm12ZRhO2erDmJKrQpkQ7Sok5tPdSasYwGYFHvUJbhQ==

GET
H2 200 resume_form.html Show response
www.medicaresearcher.com/consumer/templates/ 511 B
818 B 211ms
210ms XHR
text/html 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/templates/resume_form.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 /
Resource Hash: f96b49a2d0ed6f04fb6730f196ff0800572d8f05c2142bf69ead656514d9e075

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 14:17:18 GMT
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
etag: "6501c46e-1ff"
x-cache: Miss from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 511
x-amz-cf-id: SZ_wy7XgD9Uo8Iv8wbXkaqCM7v2L0GBCKG_9jc-rQ9pgSlw31mCO4A==

POST
H2 200 init.php Show response
www.medicaresearcher.com/consumer/ 736 B
1 KB 298ms
298ms XHR
text/html 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/init.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: dc5548e1b9144d2306adc9377e43f65bd96e644e2c66f3c752b7e1151d77c6e2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
x-powered-by: PHP/7.3.4
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: WHsyela8_KfgtNdIkeHZnfQxHl6PlSA7HaMy4Ft-hKuIRH6T2HYZZA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9HSR7N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Sep 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6554
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 13 Sep 2023 15:49:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
227 B 47ms
45ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=144923954&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicaresearcher.com%2Fv_medsear_x15%2Fstep2.html&ul=en-us&de=UTF-8&dt=MedicareSearcher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=23786943&gjid=1958073850&cid=1284158801.1694619537&tid=UA-57087543-15&_gid=1558356849.1694619537&_r=1&_slc=1&gtm=45He39b0n81W9HSR7N&z=611206721

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7e1ae36ffa5960f5d719bfc7e60df49cc836f2c3f3a9d0e65f8a9bf2e9506373

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicaresearcher.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixels.php Show response
www.medicaresearcher.com/consumer/ Frame 0908 60 B
404 B 267ms
266ms Document
text/html 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/pixels.php?page=2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: 95ef4634732e91c56522df00562e4043cdf0fd4b8fd85231749b3dea34d5bb82

Request headers

Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html;charset=UTF-8
date: Wed, 13 Sep 2023 15:38:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.15.12
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
x-amz-cf-id: LJB1I6oJndxkWkl36vPWEuNKojOqIU9cto0iA03OpWgSws0p3sL-lA==
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-powered-by: PHP/7.3.4

GET
H2 200 s.js Show response
cdn.siftscience.com/ 62 KB
21 KB 57ms
16ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.siftscience.com/s.js

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/consumer/js.php?form_id=480&js_version=2&ab_testing=&geo_lookup=&tcpa=&ajax_pageload=&dl_validate=&provision_number=&scroll_top=&terms_conditions=&privacy_policy=&unsubscribe_modal=&phone_masked_input=&full_name=&marketing_partners=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 16:43:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1378498
x-guploader-uploadid: ADPycds1yLSc2gHAgmwzBlWLUpCRldIltOZ9If_Ce-wKD-3-qukKOHKygeoF16bhzPF9kKeIqqM5VjI6OKOhuB5dr7yjwA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
last-modified: Tue, 28 Feb 2023 22:39:30 GMT
server: UploadServer
etag: "476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation: 1677623970358201
x-goog-hash: crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 20500
accept-ranges: bytes
expires: Tue, 27 Aug 2024 16:43:59 GMT

GET
H/1.1 200
OK 5a020f49-2ba7-3b7d-aec8-196822fc1647.js Show response
d1tprjo2w7krrh.cloudfront.net/campaign/ 123 KB
124 KB 75ms
31ms Script
text/javascript 18.66.188.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js
Requested by: Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.188.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-188-78.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e938376d155bd00943e40c6200847b98cb6819c3cfdfe573a0742f1c36b70cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: uRp8ee2NR2kDpVDv3vV.3U3Ow7Yy7Rw6
Date: Wed, 13 Sep 2023 15:27:36 GMT
Via: 1.1 777f1d1b9036eab1bd4b9cdaea74f798.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 682
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 126350
Last-Modified: Fri, 12 Nov 2021 00:52:23 GMT
Server: AmazonS3
ETag: "eac38c17d23b98c8c8bc3284d0529652"
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Amz-Cf-Id: PqnYmT4NgpwmVhEmbJckUWH9YBpmccOgw3s8yhOYenAYHUY7zwiUXw==

POST
H2 200 ajax.php Show response
www.medicaresearcher.com/consumer/ 60 B
399 B 176ms
176ms XHR
application/json 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/ajax.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: 0948cb56c169f2c88e77c91bb7063f10703fad535b9f63a3416f19e51bf6e835

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
x-powered-by: PHP/7.3.4
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: aDSgzAcXLudE-rSyEftlNZ1RhSg1sztgZueAVfJKCSUTPpSndCDgwQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 provision_number.php Show response
www.medicaresearcher.com/consumer/ 90 B
430 B 751ms
750ms XHR
application/json 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/provision_number.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: e2da029f729b223e469fe43ae06a071202ad82acf13d733510ba0f66868cf030

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:58 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
x-powered-by: PHP/7.3.4
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: ycDW45TR6Ykrb6P6I_VTrXGrJPEej-gNQsLP5TPfMYq4IBLwR8xTCg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 ajax.php Show response
www.medicaresearcher.com/consumer/ 130 B
469 B 267ms
266ms XHR
application/json 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/ajax.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: 184a058b7ca2338279426eb61796d74c73a475f66df6e5a9372bbebc272c5c24

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
x-powered-by: PHP/7.3.4
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: q6RPyjC0VQyhQGq6aZ3-c9Va-x7_EBvIsTQd_3hRAVb49cJWV2t4mg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 ajax.php Show response
www.medicaresearcher.com/consumer/ 118 KB
119 KB 297ms
297ms XHR
application/json 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicaresearcher.com/consumer/ajax.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.0.8/angular.min.js?ver=1.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: nginx/1.15.12 / PHP/7.3.4
Resource Hash: 0b9371607166c18dc0010870516cfed22c6b5506b97938baf82c5d347e4dbc3c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
server: nginx/1.15.12
x-amz-cf-pop: MUC50-P4
x-powered-by: PHP/7.3.4
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: JDtj5mOV4rR3Cjpt8TdA4B9MR8NtToodRxJqo8zLkwm6ejeDyRHmNw==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 66ms
64ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R3GXDVRVKF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dacbb8227fdf0f1db6a88b1c7cb5e0a4243ee5b7469ca7d034f4a44819feabd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Sep 2023 15:38:57 GMT

GET
H2 200 219052.gif
hexagon-analytics.com/images/ 43 B
297 B 151ms
113ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/219052.gif?bk=7d11d385bb&tm=73&r=642604589&v=106&cs=UTF-8&h=www.medicaresearcher.com&l=en-US&S=9f07de1e9aa0c66ec87c5e2e912dba28&uu=84992084e369d852e76d3b65a5d8b72&t=MedicareSearcher&u=https%3A%2F%2Fwww.medicaresearcher.com%2Fv_medsear_x15%2Fstep2.html&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.187%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-120&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Requested by

Host: www.medicaresearcher.com
URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
658 B 373ms
147ms XHR
text/plain 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=c6923aac-8196-4a67-99d3-0707f222e119&_=542550559

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

66c86c1fa281d0bda9bf1de37ec06be2c60f6aec9a1742d58151e6d35005f40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 51ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R3GXDVRVKF&gtm=45je39b0&_p=144923954&ul=en-us&sr=1600x1200&cid=1284158801.1694619537&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.medicaresearcher.com%2Fv_medsear_x15%2Fstep2.html&dt=MedicareSearcher&sid=1694619537&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R3GXDVRVKF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 15:38:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medicaresearcher.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 300ms
101ms XHR
application/json 44.196.195.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.195.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-195-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 18a71ee4e54141e811e152d6e3b5606af048cec7b8bd67ec8e2b5b877a9edf63

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 62C2 3 KB
2 KB 64ms
13ms Document
text/html 18.173.184.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A3744457-62C3-DAB6-2C35-37D1764142AA&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&lac=F6A97670-85B6-6871-F5AC-BBA6473267E7

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.173.184.195 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-184-195.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 53509
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 13 Sep 2023 00:48:25 GMT
ETag: W/"64d2bf08-dbb"
Last-Modified: Tue, 08 Aug 2023 22:17:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 4vZFhxT0W7TOCPK4keYuwYk6RSBbxp7gG6SfP7j99PtlBCLz3RbM_Q==
X-Amz-Cf-Pop: MUC50-P4
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
622 B 107ms
107ms XHR
text/plain 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=c6923aac-8196-4a67-99d3-0707f222e119&token=A3744457-62C3-DAB6-2C35-37D1764142AA&_=542550560

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 178ms
177ms XHR
text/plain 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=c6923aac-8196-4a67-99d3-0707f222e119&token=A3744457-62C3-DAB6-2C35-37D1764142AA&_=542550561

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 trustedform-1.9.2.js Show response
cdn.trustedform.com/ 103 KB
37 KB 16ms
16ms Script
application/javascript 2600:9000:26db:f600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16946195370720.9771627610985048&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:f600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2df2073609d94c3fd98160d8edf4521c4828bddf51d2e9c2be09b7281283ce49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: Xe3LfP89RQ8zinJZ1qzPO.UZf_GE7yty
content-encoding: gzip
via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
date: Wed, 13 Sep 2023 15:38:35 GMT
last-modified: Fri, 25 Aug 2023 18:26:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 30
etag: W/"3b6ed1750cf7d966d1af906e1f07874e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: URXoHaGcCXZ_QC6XspCozfYi-nPIqCcAfoDLi1Df5Rhv9-uJvfhe1w==

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame FDE0 4 KB
2 KB 349ms
107ms Document
text/html 34.194.117.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=A3744457-62C3-DAB6-2C35-37D1764142AA&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&lac=F6A97670-85B6-6871-F5AC-BBA6473267E7
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A3744457-62C3-DAB6-2C35-37D1764142AA&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&lac=F6A97670-85B6-6871-F5AC-BBA6473267E7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.117.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-117-67.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Wed, 13 Sep 2023 15:38:58 GMT
etag: W/"649348e0-1049"
expires: Thu, 14 Sep 2023 15:38:58 GMT
last-modified: Wed, 21 Jun 2023 19:00:48 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H2 204 snapshot Show response
api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/ 0
159 B 298ms
298ms XHR
text/plain 44.196.195.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.195.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-195-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 15:38:58 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/ 0
159 B 290ms
290ms XHR
text/plain 44.196.195.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.195.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-195-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 15:38:58 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H2 200 sitelogo-black.png
www.medicaresearcher.com/v_medsear_x15/images/ 23 KB
23 KB 25ms
24ms Image
image/png 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medicaresearcher.com/v_medsear_x15/images/sitelogo-black.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae8d5cc99223599dfd5d375e2980e1171081bcd41c54d70a42a0b65ef6f5a1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:57 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 20:30:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 2
etag: "963cc36b22d128b77f5e4a61f1bec9d9"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 23134
x-amz-cf-id: zixYkbI4MdeGL8BRA52lvIc39_EZ6UY9pHNkGtcyjDzeXRlnEKEUmg==

GET
H2 200 progress-heart.png
www.medicaresearcher.com/v_medsear_x15/images/ 2 KB
2 KB 15ms
14ms Image
image/png 18.173.187.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medicaresearcher.com/v_medsear_x15/images/progress-heart.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-95.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d56c4dab5342d56a89b477224f4cb893bc8208fe6bceaa4256b175bceb740ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medicaresearcher.com/v_medsear_x15/step2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 11:00:48 GMT
via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
last-modified: Mon, 01 Nov 2021 22:07:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 16691
etag: "2eeab22ee229274bcb0553ff0b717d70"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 1602
x-amz-cf-id: DWQsTnhg6bNPJ2wWSZuyQwG0GjJMD7HG-8rv2a0YTv9kKLAzLRKhMg==

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
623 B 110ms
109ms XHR
text/plain 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=4&pid=c6923aac-8196-4a67-99d3-0707f222e119&token=A3744457-62C3-DAB6-2C35-37D1764142AA&_=542550562

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame FDE0 0
627 B 301ms
102ms Script
text/javascript 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=F6A97670-85B6-6871-F5AC-BBA6473267E7&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&methods=48&token=A3744457-62C3-DAB6-2C35-37D1764142AA&uuid=bb0bc7026f48442ab711acbf7e452bc1

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=A3744457-62C3-DAB6-2C35-37D1764142AA&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=5A020F49-2BA7-3B7D-AEC8-196822FC1647&lac=F6A97670-85B6-6871-F5AC-BBA6473267E7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events
api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/ 0
159 B 202ms
202ms Ping
text/plain 44.196.195.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.195.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-195-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 15:38:58 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 events Show response
api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/ 0
159 B 102ms
102ms XHR
text/plain 44.196.195.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/96c7b653d76964c52d0e85cf2b21eb685c234d79/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.196.195.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-195-84.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 13 Sep 2023 15:38:59 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
623 B 419ms
315ms XHR
text/plain 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=5&pid=c6923aac-8196-4a67-99d3-0707f222e119&token=A3744457-62C3-DAB6-2C35-37D1764142AA&_=542550563

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 15:38:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
622 B 178ms
178ms XHR
text/plain 3.226.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=c6923aac-8196-4a67-99d3-0707f222e119&token=A3744457-62C3-DAB6-2C35-37D1764142AA&_=542550564

Requested by

Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/5a020f49-2ba7-3b7d-aec8-196822fc1647.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-176-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.medicaresearcher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Sep 2023 15:38:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medicaresearcher.com/	1970-01-20 23:30:41	Name: _vwo_uuid_v2 Value: D49F405F6BF2200DFAB3CEFB5015E8EFA\|f8186a136e1b31ba26b9e44b5c4ff344
www.medicaresearcher.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 65139rv456np4nfkn38lffnt0n
.medicaresearcher.com/	1970-01-20 16:53:15	Name: _gcl_au Value: 1.1.619027889.1694619537
.medicaresearcher.com/	1970-01-21 00:19:39	Name: _ga Value: GA1.2.1284158801.1694619537
.medicaresearcher.com/	1970-01-20 14:45:05	Name: _gid Value: GA1.2.1558356849.1694619537
.medicaresearcher.com/	1970-01-20 14:43:39	Name: _gat_UA-57087543-15 Value: 1
www.medicaresearcher.com/	1970-01-20 19:02:51	Name: cookie_webtracking_ids Value: [1047674199]
.medicaresearcher.com/	1970-01-21 00:19:39	Name: __ssid Value: 84992084e369d852e76d3b65a5d8b72
.medicaresearcher.com/	1970-01-21 00:19:39	Name: _ga_R3GXDVRVKF Value: GS1.2.1694619537.1.0.1694619537.0.0.0
www.medicaresearcher.com/	1970-01-20 14:43:40	Name: leadid_token-F6A97670-85B6-6871-F5AC-BBA6473267E7-5A020F49-2BA7-3B7D-AEC8-196822FC1647 Value: A3744457-62C3-DAB6-2C35-37D1764142AA
.deviceid.trueleadid.com/	1970-01-21 00:19:39	Name: uuid Value: bb0bc7026f48442ab711acbf7e452bc1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html(Line 22) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=351829&url=https%3A%2F%2Fwww.medicaresearcher.com%2Fv_medsear_x15%2Fstep2.html&random=0.9349898603093438, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.medicaresearcher.com/v_medsear_x15/step2.html(Line 22) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=351829&url=https%3A%2F%2Fwww.medicaresearcher.com%2Fv_medsear_x15%2Fstep2.html&random=0.9349898603093438, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.siftscience.com
cdn.trustedform.com
create.leadid.com
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
dev.visualwebsiteoptimizer.com
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
hexagon-analytics.com
netdna.bootstrapcdn.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.medicaresearcher.com
18.173.184.195
18.173.187.95
18.66.188.78
2001:4860:4802:34::36
2600:9000:26db:f600:1c:7f1a:6680:93a1
2606:4700::6812:acf
2a00:1450:4001:809::200a
2a00:1450:4001:811::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200a
3.226.176.119
34.102.232.42
34.194.117.67
34.96.102.137
34.96.67.224
44.196.195.84
02bf6e905d4625f5ad7fccf3b85ebe5093c0f7c7f14ca5385b4d2c4d802b553c
0948cb56c169f2c88e77c91bb7063f10703fad535b9f63a3416f19e51bf6e835
0b9371607166c18dc0010870516cfed22c6b5506b97938baf82c5d347e4dbc3c
184a058b7ca2338279426eb61796d74c73a475f66df6e5a9372bbebc272c5c24
18a71ee4e54141e811e152d6e3b5606af048cec7b8bd67ec8e2b5b877a9edf63
2a81d6908dcb3ecb31cb750b3bf74fb0f6a21dd314fe1cb0411ce059385eebf1
2df2073609d94c3fd98160d8edf4521c4828bddf51d2e9c2be09b7281283ce49
3dbca5f65a3cb8c1bddb622045599953d3e6872095192e61e2cda88cf2cb0287
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c86c1fa281d0bda9bf1de37ec06be2c60f6aec9a1742d58151e6d35005f40b
67f12cf93a1cc9362434e6e7c8e85c4bcd6e3a2581a72151db419fe5c80cc172
7e1ae36ffa5960f5d719bfc7e60df49cc836f2c3f3a9d0e65f8a9bf2e9506373
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95ef4634732e91c56522df00562e4043cdf0fd4b8fd85231749b3dea34d5bb82
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ae8d5cc99223599dfd5d375e2980e1171081bcd41c54d70a42a0b65ef6f5a1d2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d56c4dab5342d56a89b477224f4cb893bc8208fe6bceaa4256b175bceb740ea9
d9b589d4f569adfe6e2c52d4a184def00a1d91f0efb2ba578c514c7957002474
dacbb8227fdf0f1db6a88b1c7cb5e0a4243ee5b7469ca7d034f4a44819feabd4
dc5548e1b9144d2306adc9377e43f65bd96e644e2c66f3c752b7e1151d77c6e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de428c5c267ede50fb69d3b61fee4332e3e23b3ce69862229ebf3549ab5148ed
e28ec298a331f5700efdfc81ca49823437441b27df26da43f7041dda25629f9d
e2da029f729b223e469fe43ae06a071202ad82acf13d733510ba0f66868cf030
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e938376d155bd00943e40c6200847b98cb6819c3cfdfe573a0742f1c36b70cbb
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
eee6e18fe75c00b9ba74824d1a809348d3473254d9ae137c9b0ebcd8522e346e
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
f68c098349cbf9fd3876d9291f5dca588b7a12f7a528de9735d4299efefefb16
f728c6905bc434cb084ed965726f69fcbabe28a013223142cbf5ccafa436debd
f96b49a2d0ed6f04fb6730f196ff0800572d8f05c2142bf69ead656514d9e075

www.medicaresearcher.com Open in urlscan Pro 18.173.187.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

47 %IPv6

13 Domains

17 Subdomains

18 IPs

2 Countries

864 kBTransfer

1525 kBSize

11 Cookies

4 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.medicaresearcher.com Open in urlscan Pro
18.173.187.95 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

47 %
IPv6

13
Domains

17
Subdomains

18
IPs

2
Countries

864 kB
Transfer

1525 kB
Size

11
Cookies

49 HTTP transactions
1 data transactions